SecureLinxTM SLP Remote Power Manager User Guide Part Number 900-371 Revision C January 2009
Copyright & Trademark © 2004, 2006 Lantronix. All rights reserved. No part of the contents of this book may be transmitted or reproduced in any form or by any means without the written permission of Lantronix. Printed in the United States of America. Ethernet is a trademark of XEROX Corporation. UNIX is a registered trademark of The Open Group. Windows 95, Windows 98, Windows 2000, and Windows NT are trademarks of Microsoft Corp. Netscape is a trademark of Netscape Communications Corporation.
Life-Support Policy As a general policy, Lantronix does not recommend the use of any of its products in the following situations: Life-support applications where failure or malfunction of the Lantronix product can be reasonably expected to cause failure of the life-support device or to significantly affect its safety or effectiveness. Direct patient care.
Contents 1: Introduction 7 Features and Benefits ________________________________________________ 7 Communication Access Modes _____________________________________________ 7 Power Distribution _______________________________________________________ 7 Load and Environment Measurement ________________________________________ 7 Power-up Sequencing ____________________________________________________ 7 Outlet Grouping _________________________________________________________ 8 Security ______________________
Contents Command Line Interface _____________________________________________ 33 Logging In _____________________________________________________________ 33 Operations Commands ___________________________________________________ 36 Administration Commands ________________________________________________ 42 4: Advanced Operations 65 SSL _____________________________________________________________ 65 Enabling and Setting up SSL Support _______________________________________ 65 SSL Technical Specification
Contents List of Figures Figure 2-1. SLP Hardware View________________________________________ 10 Figure 2-2. Retention Bracket Assembly _________________________________ 11 Figure 3-1. Web Browser Interface _____________________________________ 15 List of Tables Table 3-1. Outlet State/Control State Field Values _________________________ 16 Table 3-2. Operations Command Summary ______________________________ 34 Table 3-3. Administrative Command Summary ____________________________ 34 Table 4-1.
1: Introduction The Lantronix SLP Remote Power Manager family of products provides easy, practical, and secure solutions for power distribution, power management and loadmeasurement for remote equipment and branch AC circuits. The SLP Remote Power Manager supports the elimination of unnecessary trips to remote locations by allowing remote control of the power on/off status for distant critical equipment, minimizing the impact of locked-up devices on mission-critical systems.
1: Introduction When powered on, each of the power outlets power sequentially with a two-second delay between each outlet. Power sequencing staggers the individual loads, eliminating the potential of a blown fuse or circuit breaker due to excessive in-rush current and allows circuit support for operating load capacities of 80% to 90%. Outlet Grouping For operations across multiple attached devices or devices with multiple or redundant power supplies, include outlets in one or more named groups of outlets.
2: Installation Prior to installation, refer to the following lists to ensure that you have all the items shipped with the unit as well as all other items required for proper installation.
2: Installation Connectors for Optional Temperature/Humidity Sensor Figure 2-1.
2: Installation Always disconnect the power supply cord before opening to avoid electrical shock. Warning! High leakage current! Earth connection is essential before connecting supply! Warning: 208-240/230V models only: Outlets are not fused.
2: Installation Connecting to the Power Source Attach the power cord to the unit before connecting the unit to the power source. Each outlet powers up sequentially, with a two-second delay between each outlet, eliminating a potential blown primary fuse or circuit breaker from excessive in-rush current. To attach a power cord to the unit: 1. Plug the female end of the power cord firmly into its connector at the base. 2. Use a screwdriver to tighten the two screws on the retention bracket.
2: Installation The following network defaults allow unit configuration out-of-the-box through either Telnet/SSH or via a web browser: IP address: 192.168.1.254 Subnet Mask: 255.255.255.0 Gateway: 192.168.1.1 The local PC network connection must be configured as Noted below: Note: Contact your system administrator for instructions in reconfiguring the network connection. Reconfiguration of your network connection may require a restart to take effect. IP address: 192.168.1.
3: Operations User Interfaces Two user interfaces are available: the web browser interface accessed via the HTTP/SSL enabled Ethernet connections and the command line for serial and Telnet/SSH connections. Outlet Naming and Grouping For commands requiring an outlet name, you may specify it in one of two ways: a predefined absolute name or a descriptive name assigned by an administrator. Models with a Single Power Infeed Absolute names are specified by a period (.
3: Operations used to display current data and allow changes to outlet states or system configuration. Figure 3-1. Web Browser Interface The following sections describe each interface section/page and their use. Logging In Logging in via a web browser requires directing the web client to the configured IP address of the unit. To log in by web browser: 1. In the login window, enter a valid username and password and press OK. (Default username/password:sysadmin/PASS).
3: Operations Available outlet and group power states may be set to on, off or reboot; the reboot operation turns the outlet(s) off, delays for a period of 15 seconds and then turns the outlet(s) on. Individual The Individual outlet control page displays all outlets assigned to the current user. The user may apply on, off or reboot actions to individual, multiple or all accessible outlets. To apply actions to individual or multiple outlets: 1.
3: Operations Outlet State Control State Description On/Error varies Error State – Outlet should be off but current is sensed at the outlet Off/Error varies Error State – Outlet should be on but no current is sensed at the outlet Off/Fuse On Outlet should be on but a blown fuse has been detected.
3: Operations 1. Select Normal or Inverted from the drop-down menu and press Apply. Enabling or disabling strong password requirements: 1. The SLP supports enforcement of strong passwords for enhanced security. When enabled, all new passwords must be a minimum of 8 characters in length with at least one uppercase letter, one lowercase letter, one number and one special character. 2.
3: Operations Creating a descriptive outlet name: 1. Click on the Outlet Names link which will open the Outlets configuration page. See Outlets on page 22 for additional information on creating descriptive outlet names. Creating a descriptive serial port name: 1. Click on the Serial Port Names link which will open the Serial Port configuration page. See Serial Port on page 21 for additional information on creating descriptive serial port names. Creating a descriptive Environmental Monitor name: 1.
3: Operations Telnet/SSH The Telnet/SSH configuration page is used to enable or disable Telnet and SSH support and configure the port number that the Telnet or SSH server watches. For more information on SSH see Advanced Operations on page 66. Enabling or disabling Telnet or SSH support: 1. Select Enabled or Disabled from the appropriate Server drop-down menu and press Apply. Changing the Telnet or SSH server port number: 1. In the appropriate Port field, enter the port number and press Apply.
3: Operations Note: The default port number for HTTP is 80. Setting the HTTP authentication method: The HTTP server supports two authentication methods for security and validation of the username-password – Basic and MD5 digest. The Basic method utilizes Base64 encoding to encode and deliver the usernamepassword over the network to the HTTP server for decoding and authentication. This basic method is supported by all web browsers and offers a minimum level of security.
3: Operations 2. On the subsequent Serial Port Edit page, enter the descriptive name. Up to 24 alphanumeric and other typeable characters (ASCII 33 to 126 decimal, spaces and colon characters are not allowed) are allowed. Press Apply. Note: Port names ‘1’ thru ‘64’ and ‘CONSOLE’ are reserved system names and may not be used. Enabling or disabling serial port active signal checking: 1. Click on the Edit link in the Action column next to the port to be configured. 2.
3: Operations 1. Enter a descriptive group name in the Group Name field. Up to 24 alphanumeric and other typeable characters (ASCII 33 to 126 decimal, spaces and colon characters are not allowed) are allowed. Press Apply. Removing a group: 1. Click on the Remove link in the Action column for the group to be removed and press Yes on the subsequent confirmation window. Adding and Deleting outlets from a group: 1. Press the Edit link in the Action column for the associated group. 2.
3: Operations assigned outlets, groups and serial/Pass-Thru ports. On-Only: Partial-access for control (On) , status and Pass-Thru of assigned outlets, groups and serial/Pass-Thru ports. View-Only: Partial-access for status and Pass-Thru of assigned outlets, groups and serial/Pass-Thru ports. The administrator may also grant administrative privileges to other user accounts, allowing the SLP to have more than one administrative-level user.
3: Operations 1. Enter the FTP server username in the Username field, and press Apply. Setting the FTP password: 1. Enter the FTP server password in the Password field, and press Apply. Setting the file path: 1. Enter the path of the file to be uploaded in the Directory field, and press Apply. Setting the filename for upload: 1. Enter the filename of the file to be uploaded in the Filename field, and press Apply.
3: Operations 1. Enter the IP address or hostname in the Primary and/or Secondary Host field and press Apply. Setting the Local GMT offset: 1. Select the local offset from GMT value from the drop-down menu and press Apply. Setting the Syslog server address: 1. Enter the IP address or hostname in the Primary and/or Secondary Host field and press Apply. Changing the Syslog server port number: 1. In the Syslog Port field, enter the port number and press Apply.
3: Operations 1. In the appropriate field, enter the SysName, SysLocation or SysContact objects and press Apply. Enabling or disabling tower (unit) traps: 1. Click on the Tower Traps link. 2. On the subsequent page, select or deselect the desired traps and press Apply. Configuring input feed traps: 1. Click on the Input Feed Traps link. 2. On the subsequent Input Feed Traps page, select or deselect the desired traps and press Apply. 3.
3: Operations Changing the LDAP server port: 1. Enter the port number in the LDAP Port field and press Apply. Setting the LDAP server address: 1. Enter the IP address or hostname in the Primary and/or Secondary Host field and press Apply. Note: If LDAP over TLS/SSL is enabled, MD5 binding is disabled. Enabling or disabling LDAP over TLS/SSL: 1. Select Yes or No from the Use TLS/SSL drop-down menu and press Apply. Setting the LDAP bind password type: 1.
3: Operations Configuring LDAP groups: 1. Click on the LDAP Groups at the bottom of the page. Creating an LDAP group: 1. Enter a descriptive group name in the LDAP Group Name field. Up to 24 alphanumeric and other typeable characters (ASCII 33 to 126 decimal) are allowed; spaces are not allowed. Press Apply. Removing an LDAP group: 1. Click on the Remove link in the Action column for the group to be removed and press OK on the subsequent confirmation window.
3: Operations 1. Select Enabled or Disabled from the TACACS+ drop-down menu and press Apply. Setting the TACACS+ server address: 1. Enter the IP address or hostname in the Primary and/or Secondary Host field and press Apply. Changing the TACACS+ server port: 1. Enter the port number in the Port field and press Apply. Configuring the authentication order: 1. Select Remote -> Local or Remote Only from the drop-down menu and press Apply.
3: Operations 4. On the subsequent LDAP Group-Outlets page, select or deselect outlets to be accessed by the TACACS+ Privilege Level and press Apply. Adding and Deleting outlet group access: 3. Click on the Outlets link in the Action column for the associated TACACS+ Privilege Level. 4. On the subsequent LDAP Group-Groups page, select or deselect outlet groups to be accessed by the TACACS+ Privilege Level and press Apply. Adding and Deleting serial port access: 3.
3: Operations Ping The Ping feature may be used to test the SLP’s ability to contact another Ethernet enabled device’s IP address. For LDAP support, it may also be used to test the configuration of the Domain Name server IP address by testing for proper name resolution. Change Password The Change Password feature allows users to change their own password. Note: An administrator can always assign a new password. Changing a password: 1.
3: Operations Select the Restart and generate a new X.509 certificate from the Action drop-down menu and press Apply. Computing new SSH security keys: 1. Select the Restart and compute new SSH keys from the Action drop-down menu and press Apply. Command Line Interface Logging In Logging in through Telnet/SSH requires directing the Telnet/SSH client to the configured IP address of the unit.
3: Operations You may enter commands in any combination of uppercase and lowercase. You must enter all command characters correctly; there are no command abbreviations. There are two types of commands: operations and administration. A user must have administrative privileges to use the administration commands. The following tables list and briefly describe each command. Table 3-2.
3: Operations Command Description Set FTP Autoupdate Hour Set the automatic FTP udate hour Set FTP Directory Specifies the directory for the file to be uploaded Set FTP Filename Specifies the file to be uploaded via FTP Set FTP Filepath Specifies the file path for the file to be uploaded Set FTP Host Sets the FTP Host IP address Set FTP Password Sets the password for the FTP Host Set FTP Username Sets the username for the FTP Host Set FTP Server Enables or disables the FTP server Set Gate
3: Operations Command Description Show Network Display network configuration information Show Outlets Displays configuration information for all outlets Show Ports Displays the serial port configuration information Show System Displays system configuration information Show Towers Displays unit configuration information Version Displays the firmware version To display the names of commands that you may execute: 1. At the command prompt, press Enter.
3: Operations Examples The following command turns the second outlet on, using the outlet’s absolute name: SLP: on .a2 The following command turns on all the outlets in the group named ServerGroup_1: SLP: on ServerGroup_1 Turning outlets off The Off command turns off one or more outlets. When the command completes, a display indicating all outlets affected and their current states will be displayed. To turn outlets off: 1.
3: Operations Displaying outlet status The Status command displays the on/off status of one or more outlets. The command displays the status of only those outlets for which the current username has power control access. This display includes the outlet absolute and descriptive names, the Outlet State reported to the unit by the outlet and the current Control State being applied by the unit. If you do not specify any parameter with this command, the status of all accessible outlets is displayed.
3: Operations SLP: status ServerGroup_1 Group: ServerGroup_1 Outlet Outlet ID Name .A1 DataServer_1 .A2 WebServer_1 .A3 FileServer_1 Outlet State On On On Control State On On On Displaying accessible outlets The List Outlets command displays accessible outlets for the current user. The display includes the absolute and descriptive name of all outlets assigned to the current user. To display accessible outlets: 1. At the command prompt, type list outlets and press Enter.
3: Operations ID .A1 .A2 .A3 Name DataServer_1 WebServer_1 FileServer_1 Displaying accessible serial ports The list ports command displays accessible serial ports for the current user. To display accessible serial ports: 1. At the SLP prompt, type list ports and press Enter.
3: Operations Displaying the status of the Environmental Monitor: The Envmon command displays the status of the integrated Environmental Monitor. By default, only administrative user accounts are allowed access to the Envmon command. An administrator may user the Set User Envmon command to enable and disable access for other user accounts. To display the status of the Environmental Monitor: At the SLP: prompt, type envmon and press Enter.
3: Operations Administration Commands Administration commands may only be issued by a user with administrative privileges, such as the predefined administrative account or another user who has been granted administrative privileges with the Set User Admnpriv command. User Administration Creating a user account The Create User command creates a user account with the specified username and password. To create a user account: 1.
3: Operations 3. At the Verify Password prompt, retype the new password and press Enter. Examples The following command changes the password for the user JohnDoe: SLP: set user password johndoe Password: Verify Password: Setting user access level privileges The Set User Access command sets the access level privileges for a user. There are four defined access privilege levels; Admin, User, On-Only and View-Only.
3: Operations The following command displays all users with their access privilege level: SLP: list users User Privilege Name Level JOHNDOE Admin JILLDOE Power-User JANEDOE User JAKEDOE Reboot-Only JOSEYDOE On-Only JOEDOE View-Only Environmental Monitoring Allowed Allowed Allowed Not Allowed Not Allowed Not Allowed Adding outlet access to a user The Add OutletToUser command grants a user access to one or all outlets.
3: Operations SLP: SLP: add GroupToUser ServerGroup_1 janedoe add GroupToUser ServerGroup_2 janedoe Deleting group access for a user The Delete GroupFromUser command removes a user’s access to a group. You cannot remove access to any group for an administrative level user. To delete group access for a user: 1. At the command prompt, type delete GroupFromUser, optionally followed by a group name and a username. Press Enter.
3: Operations JaneDoe may access the following outlets and groups: outlet A1 which has a descriptive name of DataServer_1, outlet A2 which has a descriptive name of WebServer_1, group ServerGroup_1, group ServerGroup_2, and Console serial port. Outlet Administration Setting the sequencing interval The Set Outlet SeqInterval command sets the power on sequencing interval for all outlets. To set the sequencing interval: 1.
3: Operations Example The following command sets the wakeup state for outlet .a1 to off: SLP: set outlet wakeup off .a1 Setting the outlet Post-On delay The Set Outlet PostOnDelay command sets the Post-On delay for an outlet. This feature allows and administrator to manage boot dependencies during power-on sequencing or group commands by delaying the sequencing of subsequent outlets after an outlet has been powered on. Note: This delay is applied in addition to the general sequencing interval.
3: Operations G SLP: show outlets rOutlet Outlet ID Name o .A1 TowerA_Outlet1 u .A2 TowerA_Outlet2 p .A3 TowerA_Outlet3 .A4 TowerA_Outlet4 .A5 TowerA_Outlet5 A .A6 TowerA_Outlet6 d .A7 TowerA_Outlet7 m .A8 TowerA_Outlet8 TowerA_Outlet9 i.A9 .A10 TowerA_Outlet10 n .A11 TowerA_Outlet11 i.A12 TowerA_Outlet12 TowerA_Outlet13 s.A13 .A14 TowerA_Outlet14 t.A15 TowerA_Outlet15 r.
3: Operations Adding an outlet to a group The Add OutletToGroup command adds an outlet to a group. To add more than one outlet, but not all outlets, you must use multiple Add OutletToGroup commands. To add an outlet to a group: 1. At the command prompt, type add outlettogroup, optionally followed by an outlet name and group name. Press Enter, or 2. Type add OutletToGroup, followed by all and the group name. Press Enter.
3: Operations Example The following command adds the descriptive name DataServer_1 to outlet .a1: SLP: set outlet name .a1 DataServer_1 Setting the outlet wakeup state The Set Outlet Wakeup command set the default wakeup state for that outlet. In the event of a system-wide power loss, this state will be applied to the outlet when power is restored. The wakeup state may be set to On, Off, or Last. Upon restoration of system power; If set to On, the unit will apply power to that outlet.
3: Operations .A16 More (Y/es N/o): on Serial Port Administration Creating a descriptive serial port name The Set Port Name command assigns a descriptive name to a serial port. You may use this name in commands that require a port name as an alternative to using the port’s absolute name. To create a port name: 1.
3: Operations Setting the serial port timeout value The Set Port Speed Timeout command is used to set the serial port inactivity timeout period. The timeout period defines the maximum period of inactivity before automatically closing the session. The valid range for the period parameter is 0 to 5 (in minutes). The default period is 5. Note: Setting the timeout to ‘0’ disables the timer. To set the serial port timeout value: 1.
3: Operations 2. At the command prompt, type set banner and press Enter. Type the desired pre-login banner text and when finished type Ctrl-z. Creating a location description The Set Location command specifies text that appears in the web browser control screen’s Location field. The text is also appended to a “Welcome to” banner that appears when a user successfully logs in serially or through a Telnet session.
3: Operations H/W Rev Code: Flash Size: Uptime: Location: 0 1 MB 0 days 6 hours 14 minutes 1 second Florida HQ Setting the LED display orientation The Set Option Display command is used to configure the Current LED(s) display orientation. To set the LED display orientation: 1. At the command prompt, type set option display, followed by normal or inverted and press Enter.
3: Operations 1. At the command prompt, type set option more, followed by enabled or disabled and press Enter. Setting the temperature scale The Set Option TempScale command sets the temperature scale that the SLP will report in. To set the temperature scale: 1. At the command prompt, type set option tempscale, followed by Celsius or Fahrenheit and press Enter. Displaying system options The Show Option command displays all system option information. To display system option information: 2.
3: Operations 1. At the command prompt, type show units and press Enter. Example SLP: show units Unit Unit ID Name .A Florida_HQ_1 Creating a descriptive infeed name The Set Infeed Name command assigns a descriptive name to an infeed. This descriptive name is displayed when the Show Traps command is issued. See Displaying trap configuration information on page 76 for more information on the Show Traps command. To create an infeed name: 1.
3: Operations Example The following command adds the descriptive name Florida__HQ_1 to tower .a: SLP: set tower name .a Florida_HQ_1 Displaying Tower information The Show Towers command displays information about the SLP. This information includes the absolute and descriptive SLP names. To display unit information: 1. At the command prompt, type show towers and press Enter. Example SLP: show towers Tower Tower ID Name .
3: Operations 1. At the command prompt, type set ipaddress, followed by the IP address and press Enter. Example The following command sets the IP address to 12.34.56.78: SLP: set ipaddress 12.34.56.78 Setting the subnet mask The Set Subnet command sets the subnet mask for the network in which the unit will be attached. To set the subnet mask: 1. At the command prompt, type set subnet, followed by the subnet mask and press Enter. Example The following command sets the subnet mask to 255.0.0.
3: Operations To enable or disable automatic updates: 1. At the command prompt, type set ftp autoupdate, followed by enabled or disabled and press Enter. Setting the automatic update scheduled day The Set FTP Autoupdate Day command is used to set the day when automatic updates occur. To set the automatic update day: 1. At the command prompt, type set ftp autoupdate day, followed by the day of the week or everyday and press Enter.
3: Operations SLP: set sntp primary 204.152.184.72 The following command sets the secondary SNTP server address to cuckoo.nevada.edu: SLP: set sntp secondary cuckoo.nevada.edu Setting the local GMT offset The Set SNTP GMT offset command is used to set the offset from GMT for the date/time returned by SNTP. The offset can be configured in whole hours between 12 and 12 hours. Note: The SLP does not support automatic adjustment for daylight savings. To set the local GMT offset: 1.
3: Operations 2. At the command prompt, type show network and press Enter. Example The following command displays the network configuration information: SLP: show network Network Configuration IP Address: 12.34.56.78 Subnet Mask: 255.0.0.0 Gateway: 12.34.56.
3: Operations 1. At the command prompt, type set http security, followed by basic or md5 and press Enter. Telnet Administration Note: A restart of the unit is required after setting or changing ANY Telnet/Web configurations. See Performing a warm boot on page 57 for more information. Enabling and disabling Telnet support The Set Telnet command is used to enable or disable Telnet support. To enable or disable Telnet support: 1.
3: Operations Setting the FTP username The FTP Username command sets the username as required by the FTP Host. To set the FTP username: 1. At the command prompt, type set ftp username, followed by the FTP username and press Enter. Example The following command sets the FTP username to Guest: SLP: set ftp username guest Setting the FTP Password The FTP Password command sets the password as required by the FTP Host. To set the FTP password: 1.
3: Operations Displaying FTP configuration information The Show FTP command displays all FTP configuration information. FTP Host IP address FTP Host username and password Firmware file path and filename To display FTP configuration information: 1. At the command prompt, type show ftp and press Enter.
4: Advanced Operations SSL Secure Socket Layers (SSL) version 3 enables secure web browser sessions between a Remote Power Manager and a remote user. SSL provides two chief features designed to make TCP/IP (Internet) transmitted data more secure: Authentication – The connecting client is assured of the identity of the server. Encryption – All data transmitted between the client and the server is encrypted rendering any intercepted data unintelligible to any third party.
4: Advanced Operations To change the access level: 1. At the command prompt, type set ssl access, followed by optional or required, and press Enter. Example The following changes the access level to required: SLP: set ssl access required SSL Technical Specifications Secure Socket Layer (SSL) version 3 Transport Layer Security (TLS) version 1 (RFC 2246) SSL/TLS-enabled HTTPS server (RFC 2818) Self-Signed X.
4: Advanced Operations Enabling and Setting up SSH Support Note: A restart of the unit is required after setting or changing ANY SSH configurations. See Performing a warm boot on page 57 for more information. Enabling or disabling SSH support The Set SSH command is used to enable or disable SSH support. To enable or disable SSH support: 1. At the command prompt, type set ssh, followed by enabled or disabled and press Enter.
4: Advanced Operations SNMP The SLP family of products supports the Simple Network Management Protocol (SNMP). This allows network management systems to use SNMP requests to retrieve information and control power for the individual outlets. The SNMP implementation includes an SNMP v1 agent supporting standard MIB I and MIB II objects. A private enterprise MIB extension is also supported to provide remote power control. Note: For security, SNMP support is disabled by default. Table 4-3.
4: Advanced Operations SLP: set snmp trapdest1 64.42.31.208 The following sets the trap destination 2 to snmp.lantronix.com: SLP: set snmp trapdest2 snmp.lantronix.com To reset the trap destination: 1. At the command prompt, type set snmp, trapdest1 or trapdest2, 0.0.0.0 and press Enter. Setting the trap timer The Set Traptime command sets the timer period between repeated error-condition traps. The valid range for the timer period is 1 to 65535 (in seconds).
4: Advanced Operations Setting SNMP IP Restrictions The Set SNMP IP Restrictions command supports SNMP Manager GET and SET requests to only be allowed from the IP addresses of the defined traps destinations. To set SNMP IP Restrictions: 1. At the command prompt, type set snmp iprestrict trapdests and press Enter. To remove SNMP IP Restrictions: 1. At the command prompt, type set snmp iprestrict none and press Enter.
4: Advanced Operations SNMP support status SNMP community strings Trap timer value Trap destinations To display SNMP configuration information: 1. At the command prompt, type show snmp and press Enter. Example The following command displays the SNMP configuration information: SLP: show snmp SNMP Configuration SNMP: Enabled SET Community String: private GET Community String: public TRAP Community String: trap Error Trap Repeat Time (seconds): 180 Trap Destination 1: 64.42.31.
4: Advanced Operations Status trap A Status trap is generated when an error condition occurs on a unit, infeed or outlet. Status traps include the reported Status, the Location of the unit, and identifier and name of the affected unit, infeed or outlet. Any Trap Status generates a Status trap and triggers the trap timer. A new trap is generated at the end of every timer period until the Status returns to a non-error status. Table 4-5.
4: Advanced Operations Load Trap The Load trap is generated whenever the total input load on an infeed exceeds a preset threshold. Load traps include the reported input load, load status, Location of the unit, and identifier and name of the affected infeed. Any error state generates a Load trap and triggers the trap timer. A new trap is generated at the end of every timer period until the Load returns to a non-error status. Table 4-8.
4: Advanced Operations The following command enables the Status trap using the unit’s absolute name: SLP: set trap unit status .a on The following command enables the Status trap for the unit named Florida_HQ_1: SLP: set trap unit status Florida_HQ_1 on Note: Enabling lower hierarchical traps automatically enables traps of higher hierarchical value: i.e. enabling an Outlet Status trap automatically enables the Infeed and Unit Status traps for that outlet.
4: Advanced Operations To Enable or Disable a Change trap: 4. At the command prompt, type set trap outlet change, followed by the outlet name and on or off. Press Enter, or 5. Type set trap outlet change all, followed by on or off and press Enter.
4: Advanced Operations Example The following command enables the Change trap for the third outlet using the outlet’s absolute name: SLP: set trap outlet change .a3 on Displaying trap configuration information The Show Traps command displays information about all traps. To display trap information: 1. At the command prompt, type show traps and press Enter. Example The following command requests trap configuration information: SLP: show traps Unit trap configuration: Unit Unit ID Name .
4: Advanced Operations SLP LDAP support has been tested in the following environments: • Microsoft Active Directory (MSAD) • Novell eDirectory (eDir) • OpenLDAP LDAP Command Summary Command Description Set Authororder Specifies the authentication order for each new session attempt Set LDAP Enables/disables LDAP support Set LDAP Host Sets the IP address or hostname of the Directory Services server Set LDAP Port Sets the LDAP server port number Set LDAP Bind Specifies the LDAP bind request pa
4: Advanced Operations Add PorttoLDAP Grants an LDAP group access to one or more serial ports Delete GroupfromLDAP Removes access to one or more groups for an LDAP group Delete OutlettoLDAP Removes access to one or more outlets for an LDAP group Delete PortfromLDAP Removes access to one or more serial ports for an LDAP group Set LDAPGroup Access Sets the access level for an LDAP group Set LDAPGroup Envmon Grants or removes privileges to view input and environmental monitoring status List LDAPGr
4: Advanced Operations 1. At the command prompt, type set ldap, followed by host1 or host2 and the Directory Services server’s IP address or hostname. Press Enter. Examples The following command sets the primary Directory Services server IP address to 98.76.54.32: SLP: set ldap host1 98.76.54.32 The following command disables the Load trap: SLP: set ldap host2 ldap.ltrx.
4: Advanced Operations Note: Windows 2000 is known only to support Simple binding. Windows 2003 supports both Simple and MD5 binding. To set the bind password type: 1. At the command prompt, type ldap bind, followed by simple or md5 and press Enter. Note: If MD5 binding is enabled, LDAP over TLS/SSL is disabled. Setting the search bind Distinguished Name (DN): The Set LDAP BindDN command is used to set the fully-qualified distinguished name (FQDN) for user accounts to bind with.
4: Advanced Operations Memberof Setting the group membership value type: The Set LDAP GroupType command is used to specify whether the values of group Membership Attribute represent the Distinguished Name (DN) of a group or just the name of the group. To set the group membership value type: 2. At the command prompt, type ldap grouptype, followed by DN or Name and press Enter.
4: Advanced Operations Displaying the LDAP configuration information: • • • • • • • The Show LDAP command displays LDAP configuration information Enabled-disabled status of LDAP support Directory Services server IP address and port Bind request password type and remote authentication order Search bind distinguished name and password User search base distinguished name and filter Group membership attribute and type Note: With the Remote Only method, if authentication fails due to a communication failure w
4: Advanced Operations SLP: set dns1 98.76.54.254 Verifying the DNS configuration: The Ping command may be used to verify the configuration of the DNS IP address. To verify the DNS configuration: 1. At the command prompt, type ping followed by the domain component of the Directory Services server previously configured and press Enter. Example The following command verifies the DNS configuration: SLP: ping lantronix.com Pinging lantronix.com [98.76.54.32] with 64 bytes of data Reply from 98.76.54.
4: Advanced Operations View—Only. For more information on user access levels, see Changing a user’s access privilege level: on page 17. To set the access level privilege for an LDAP group: 1. At the command prompt, type set ldapgroup access, followed by admin, user, ononly or viewonly, optionally followed by a LDAP a group name. Press Enter.
4: Advanced Operations The Add OutletToLDAP command grants an LDAP group access to one or all outlets. To grant access for more than one outlet, but not all outlets, you must use multiple Add OutletToLDAP commands. To grant outlet access to an LDAP group: 1. At the command prompt, type add outlettoldap, optionally followed by an outlet name and a group name. Press Enter or type add outlettoldap all, followed by a group name and press Enter.
4: Advanced Operations The Add PortToLDAP command grants an LDAP group access to the serial port. To grant serial port access to an LDAP group: 1. At the command prompt, type add porttoldap console and a group name. Press Enter. Deleting serial port access for an LDAP group The Delete PortFromLDAP command removes an LDAP group’s access to the serial port. You cannot remove access to the serial port for an administrative level group. To delete serial port access for an LDAP group: 1.
4: Advanced Operations TACACS+ Command Summary Command Description Set Authorder Specifies the authentication order for each new session attempt Set TACACS Enables/disables SSL support Set TACACS Host Sets the IP address or hostname of the TACACS server Set TACACS Key Sets the TACACS encryption key Set TACACS Port Sets the TACACS server port number Show TACACS Displays TACACS configurations Add GrouptoTACACS Grants a TACACS account access to one or more groups Add OutlettoTACACS Grants a T
4: Advanced Operations The following command sets the secondary TACACS+ server address to tacacs.lantronix.com: SLP: set tacacs host2 tacacs.lantronix.com Setting the TACACS+ encryption key: The Set TACACS Key command sets the encryption key used to encrypt all data packets between the SLP and the TACACS+ server. This key must match the key configured on the TACACS+ server. To set the encryption key: At the SLP: prompt, type set tacacs key and press Enter.
4: Advanced Operations The Remote Only method attempts authentication only with the TACACS+ server and if unsuccessful, access is denied. Note: With the Remote Only method, if authentication fails due to a communication failure with the TACACS+ server automatic authentication fallback will occur to authenticate with the local user data base on the SLP device. To set the authentication order: At the SLP: prompt, type set authorder, followed by remotelocal or remoteonly and press Enter.
4: Advanced Operations SLP: set tacpriv access admin 14 The following command sets the TACACS+ account access level for account 5 to User: SLP: set tacpriv access user 5Granting and removing input status viewing privileges: Granting and removing input status viewing privileges: The Set TacPriv Envmon command grants or removes input status viewing privileges to/from a TACACS+ account.
4: Advanced Operations Examples The following commands grant a TACACS+ account 5 access to outlets A1 and Webserver_1: SLP:add outlettotacacs .a1 5 SLP:add outlettotacacs WebServer_1 5 Deleting outlet access for a TACACS+ account: The Delete OutletFromTACACS command removes a TACACS+ account’s access to one or all outlets. You cannot remove access to any outlet for an administrative level account.
4: Advanced Operations Deleting serial port access for a TACACS+ account: The Delete PortFromTACACS command removes a TACACS+ account’s access to the serial port. You cannot remove access to the serial port for an administrative level account. To delete serial port access for a TACACS+ account: At the SLP: prompt, type delete portfromtacacs console and a TACACS+ account number. Press Enter. Displaying TACACS account access: The List TacPriv command displays all access rights for a TACACS+ account.
4: Advanced Operations TACACS+ Technical Specifications Authentication START Packet includes: action = 1 (TAC_PLUS_AUTHEN_LOGIN) priv_lvl = 0 (TAC_PLUS_PRIV_LVL_MIN) authen_type = 1 (TAC_PLUS_AUTHEN_TYPE_ASCII) service = 1 (TAC_PLUS_AUTHEN_SVC_LOGIN) user = (entered username) port = (access path into the SLP) rem_addr = ‘SLP3_xxxxxx’ (xxxxxx is last six digits of MAC address) data = ‘‘ (null) Note: The password is sent in a CONTINUE packet.
4: Advanced Operations The SLP’s Syslog support is RFC3164-compliant and enables off-SLP viewing and storage of log messages. The SLP supports external logging to up to two Syslog servers.
4: Advanced Operations Email Email Command Summary Command Description Set Email Enables or disables Email notification support Set Email SMTP Host Sets the SMTP Host IP address or hostname Set Email SMTP Port Sets the SMTP server port number Set Email From Sets the email ‘From’ address Set Email PrimaryTo Sets the primary recipient email address Set Email SecondaryTo Sets the secondary recipient email address Set Email Event Enables or disables notification of general system events Set Ema
4: Advanced Operations SLP: set email smtp port 5555 Setting the ‘From’ email address: The Set Email From command sets the ‘from’ email address. By default, this is set to ‘SLP3_’ plus the last three octets of the unit’s MAC address. Example: ‘SLP3_510c90@’ To set the ‘From’ email address: At the SLP: prompt, type set email from, followed by the originating email address and press Enter. Example The following command sets the ‘from’ email address to Rack14CDU1@lantronix.
4: Advanced Operations Displaying Email configuration information: The Show Email command displays Email configuration information. To display the Email configuration information: At the SLP: prompt, type show email and press Enter. Example The following command displays the Email configuration information: SLP: show email Email Configuration Email Notifications: Enabled SMTP Host: SMTP Port: email.lantronix.
5: Troubleshooting and Technical Support 5: Troubleshooting and Technical Support Technical Support If you are experiencing an error that is not described in this user guide, or if you are unable to fix the error, you may: Check our online knowledge base at www.lantronix.com/support. Contact Technical Support in the US: Phone: 800-422-7044 (US only) or 949-453-7198 Fax: 949-450-7226 Our phone lines are open from 6:00AM - 5:00 PM Pacific Time Monday through Friday, excluding holidays.
A: Resetting to Factory Defaults You may reset the non-volatile RAM that stores all configurable options. This clears all administrator-editable fields and resets all command line configurable options to their default values, including all user accounts. You may reset the unit to factory defaults from the command line or the web browser interface, or by pressing the reset button. You must have administrator-level privileges to issue the command.
B: Uploading Firmware B: Uploading Firmware You may upload new versions of firmware using File Transfer Protocol (FTP). This allows access to new firmware releases for firmware improvements and new features additions. Note: To begin an FTP upload session, you must first configure the FTP Host address, username/password, filename and file path. For information on configuring the FTP settings required for firmware upload see 3:Operations.
C: Technical Specifications C: Technical Specifications Models Table C-5-1. Vertical Installation Model Voltage Inlet Outlets SLPV1611E-02 100-120V, 50/60Hz IEC 60320/C20 16 - NEMA 5-20R SLPV1612E-02 208-230V, 50/60Hz IEC 60320/C20 16 - IEC 60320/C13 SLPV1614G-02* 208-230, 50/60Hz NEMA L6-30P, 30A locking 16 - IEC 60320/C13 Table C-5-2.
C: Technical Specifications SLPX08x2E-02 50/60 Hz *SLPV16x2E02 *SLPY16x2E02 SLPH0814G02 208-230V 50/60 Hz 24 12 24 SLPV1614G02 1 Current ratings are in amperes.
C: Technical Specifications Table C-5-6. Physical Specifications Physical Temperature Relative Humidity SLP-V16xxx-02 SLP-H08xxx-02 Size 65.0 x 1.75 x 2.25 in. 1.75 x 17.0 x 7.0 in. Weight 13.2 lbs 8.2 lbs Operating 0° to 50° C (32° to 122° F) Storage -40° to 85° C (-40° to 185° F) Operating 10 to 90%, non-condensing Storage 10 to 90%, non-condensing Approvals FCC Class A, Part 15 cTUVus (US & Canada) to UL 60950:2003 and CAN/CSA 22.
C: Technical Specifications Table C-5-8. RJ45 to DB9 Serial Port Adapter 5 4 9 Pin 3 8 2 7 1 6 DCE Signal Name Input/Output 1 2 Receive Data RD Output 3 Transmit Data TD Input 4 Data Terminal Ready DTR Input 5 Signal Ground 6 Data Set Ready DSR Output 7 Request to Send RTS Input 8 Clear to Send CTS Output Ethernet LED Indicators Table C-5-9. LED Description LED Color Description Network Link Yellow (lower) Network Link is operational.
C: Technical Specifications Temperature/Humidity Probe (Accessory) The SecureLinx SLP Temperature and Humidity Probe monitors data center environmental conditions to ensure they do not exceed recommended thresholds. The temperature and humidity probe is a combination probe that supports both temperature and humidity and plugs into either T/H1 or T/H2. Lantronix Part Number Description SLPM1TH10-01 Probe: Temperature and Humidity, 10 Ft. cable Table C-5-10.
D: Compliance Information (according to ISO/IEC Guide 22 and EN 45014) Manufacturer’s Name & Address: Lantronix 15353 Barranca Parkway, Irvine, CA 92618 USA Declares that the following product: Product Name Model: SecureLinx SLP Remote Power Manager Conforms to the following standards or other normative documents: USA and Canada FCC Class A, Part 15 cTUVus (US & Canada) to UL 60950:2003 and CAN/CSA 22.
D: Compliance Information RoHS Notice: All Lantronix products in the following families are China RoHS-compliant and free of the following hazardous substances and elements: • • • • Lead (Pb) Cadmium (Cd) Product Family Name UDS1100 and 2100 EDS MSS100 IntelliBox XPress DR & XPress-DR+ SecureBox 1101 & 2101 WiBox UBox MatchPort SLC XPort WiPort SLB SLP SCS SLS DSC • • • Mercury (Hg) Hexavalent Chromium (Cr (VI)) Toxic or hazardous Substances and Elements Lead Mercury Cadmium Hexavalent (Pb) (Hg) (Cd)
D: Compliance Information refund of buyer's purchase price for such affected products (without interest) repair or replacement of such products, provided that the buyer follows the above procedures. There are no understandings, agreements, representations or warranties, express or implied, including warranties of merchantability or fitness for a particular purpose, other than those specifically set out above or by any existing contract between the parties.