Sena STS Series Podręcznik Użytkownika

1Secure Terminal ServerSTS SeriesUser GuideVersion 1.4.2.22011-12-12

10Diagnostic LEDPowerReady10/100 Base Link, ActSerial InUse/Rx/ Tx for each portPC CardEnvironmentalOperating temperature: 5’C to 50’CStorage temperat

1009.3. User Defined Web PagesSTS Series supports user defined web pages. User can set user-defined page as a first page whichwill be popped up after

101Appendix 1. ConnectionsA 1.1. Ethernet PinoutsThe STS Series uses the standard Ethernet connector that is shielded connector compliant withAT&T

102A 1.3. Ethernet Wiring DiagramFigure A-2 Ethernet direct connection using crossover Ethernet cableFigure A-3 Ethernet connection using straight thr

103RJ45-DB25 female adapterUsing RJ45 to DB25(Female) Cross-over CableDescription (RJ45) Internal Cable Color RJ45 Pin No. DB25 Pin No. Description (D

104Appendix 2. PC Card Supported By STSThe following PC cards are supported by the STS Series series:Table A-3 Network cardManufacturer Model/Name STS

105Table A-6 Serial Modem CardManufacturer Model/Name STS probed Model name SpecificationBilliontonSystems Inc.FM56C seriesPCMCIA CARD56KFaxModem FM56

106Appendix 3. STS Configuration FilesA 3.1. system.cnf## system.cnf## system configuration which exist only one place on this file.## kind of IP conf

107# By setting 'btelnet' to 1, you can use remote console.# Similarly by setting 'bweb' to 1, you can use remote console.# 0 mean

108bweb_https = 1web_refresh_rate = 10# TCP configuration# 'keepalive_time' is a time before keep alive takes place.# 'keepalive_probes

109all port configuration.# If you want to change the port data by changing all port configuration, set to0.port = 0benable = 0bmanset = 0port = 1bena

11 Client/ServerClient/server describes the relationship between two computer programs in which one program, theclient, makes a service request from

110max_connection = 32# 'remotehost' is a remote host list# (Primary IP address:port Secondary IP address:port)remotehost = 192.168.0.135:70

111# 'snmp_trap_receiver_community' is community of SNMP Trap# 'snmp_trap_receiver_version' is SNMP trap version# 0 = v1, 1 = v2ce

112Appendix 4. Well-known Port NumbersPort numbers are divided into three ranges: Well Known Ports, Registered Ports, and Dynamic and/orPrivate Ports.

113Appendix 5. Guide To The Bootloader Menu ProgramA 5.1. OverviewThe bootloader menu provides a way to recover the STS Series unit using BOOTP/TFTP a

114-----> 1Enter Current Date (mm/dd/yy) : 02/15/03press the ENTER key to continue-----------------------------------------------------------------

115Select menu0. Test Mode - One time1. Auto test2. DRAM test3. FLASH test4. LED test5. EEPROM test6. UART test7. PC card test8. Ethernet test<ESC&

116-----------------------------------------------------------------------------Hardware Test---------------------------------------------------------

117[Ethernet]Ethernet chip test--------------------------------------------[SUCCESS]PING 192.168.0.135 from 192.168.161.5 : 64 bytes of ethernet packe

118A 5.5. Firmware Upgrade MenuBy using the ‘Firmware upgrade’ menu, the user can upgrade the firmware of the unit. Before firmwareupgrade, the user c

1195. Start firmware upgrade-----> 5Firmware upgrade cannot be stopped until finished.And all configuration parameters are restored to default valu

12CTSClear to SendDSRData Set ReadyDTRData Terminal ReadyRTSRequest To SendDCDData Carrier Detect

120Appendix 6. Using STS Series With Serial/IPA 6.1. STS Series vs. Serial/IP OptionsTable A-8 STS Series vs. Serial/IP option compatibility matrix ta

121Series with “Negotiate SSLv3/TSLv1” option.A 6.2. Connection Example - Telnet And SSLv3 EncryptionStep 1. Set host mode of serial port #1 of STS Se

122Figure A-12 Cryptography configurationStep 3. Open Serial/IP Control Panel and check the COM port you want to use to communicatewith serial port #1

123Step 4. Enter IP address of Server(IP address of STS Series) and Port number (port number ofserial port #1) correctly and then select other paramet

124Figure A-15 Connect to serial port of STS series via Serial/IPStep 6. User can monitor or trace the connection status using Serial/IP Port Monitor

125Appendix 7. How To Make A Certificate For SSL EncryptionA 7.1. Install The OpenSSL PackageStep 1. Download the latest OpenSSL package. (http://www.

126# we can do this but it is not needed normally :-)#1.organizationName = Second Organization Name (eg, company)#1.organizationName_default = World W

127Step 3. Check whether CA key file(demoCA/private/cakey.pem) and CA certificate(demoCA/cacert.pem) is generated# ls demoCA/cacert.pem certs crl inde

128Using configuration from /usr/share/ssl/openssl.cnfEnter PEM pass phrase: CA Password (Enter CA password in step 2-2)Check that the request matches

129Signature Algorithm: md5WithRSAEncryptionIssuer: C=KR, ST=, L=Seoul, O=Sena Technologies Inc., CN= SenaTechnologiesValidityNot Before: Oct 6 09:39:

132. Getting StartedThis chapter describes how to set up and configure the STS Series.- 2.1. Panel Layout explains the layout of the panel and LED ind

130Appendix 8. WarrantyA 8.1. GENERAL WARRANTY POLICYSena Technologies, Inc. (hereinafter referred to as SENA) warrants that the Product shall conform

131A 8.3. HARDWARE PRODUCT WARRANTY DETAILSWARRANTY PERIOD: SENA warranties embedded hardware Product for a period of one (1) year,and external hardwa

14Figure 2-1 The panel layout of the STS800Table 2-1 LED indicator lamps of the STS SeriesLamps FunctionPowerTurned on if power is suppliedReadyTurned

152.2.1. Connecting The PowerConnect the power cable to the STS Series. If the power is properly supplied, the [Power] lamp willlight up green.Figure

16The [100Mbps] lamp will not turn on if the current network connection is 10Base-T.Figure 2-5 Connecting a network cable to the STS400/800/16002.2.3.

17menu system or CLI (Command Line Interface). System console:Local users can connect directly to the system console port of the STS Series using the

18 No flow control5) Press the [ENTER] key.6) Enter your user name and password to log into the STS Series. The factory default usersettings are as f

192.2.6. Using Remote ConsoleThe IP address of the STS Series must be known before users can access the STS Series using theRemote console (see chapte

2Copyright InformationCopyright 1998-2012, Sena Technologies, Inc. All rights reserved.Sena Technologies reserves the right to make any changes and im

202.3. Accessing The Web Browser Management InterfaceThe STS Series supports both HTTP and HTTPS (HTTP over SSL) protocols. The STS Series alsoprovide

21step.If the user does not want to save the new parameter values, the user must opt to [Cancel]. All changesmade will be lost and the previous values

223. Network Configuration3.1. IP ConfigurationThe STS Series requires a valid IP address to operate within the user’s network environment. If theIP a

233.1.1. Using A Static IP AddressWhen using a Static IP address, the user must manually specify all the configuration parametersassociated with the I

24The IP address of the DNS server must be able to access the host site with the provided domainname. The STS Series provides the ability to configure

25address in the DHCP network, the administrator needs the MAC address of the STS Series found onthe label sticker at the bottom of the STS Series.3.1

26Figure 3-2 SNMP Configuration3.2.1. MIB-II System Objects ConfigurationMIB–II System objects configuration sets the System Contact, Name, Location,

27 sysService(Read Only):A series of values, separated by commas, that indicate the set of services that the system provides. Bydefault, STS Series o

28Figure 3-3 Browsing MIB-II OIDs of STS Series SNMP agent using SNMP Browser(AdventNet MibBrowser)3.3. Dynamic DNS ConfigurationWhen users connect th

29may then add a new Dynamic DNS Host link after logging in to their Dynamic DNS Network ServicesMembers NIC.After enabling the Dynamic DNS service in

3Revision historyRevision Date Name DescriptionV1.0.2 2003-12-3 O.J. JungInitial ReleaseV1.1.0 2004-01-12 O.J. JungRevision with release of version 1.

30hostname (i.e. [email protected] or [email protected]).The SMTP user name and SMTP user password are required when either SMTP with authentica

31The user may allow a host or a group of hosts to access the STS Series for configuration. The usermust then enter the IP address and subnet of acces

323.6. SYSLOG Server ConfigurationThe STS Series supports a remote message logging service, SYSLOG service for the system and portdata logging. To use

33To store the STS Series log data to the NFS server, the NFS server must be configured as “read andwrite allowed”. If there is a firewall between the

34Figure 3-11 Web server configurationsThe Web page refresh rate can be also adjusted in this configuration page. The refresh rate is onlyapplicable t

35 TCP “keep-alive” probes:This represents how many “keep-alive” probes will be sent to the remote host, until it decides that theconnection is dead.

364. Serial Port Configuration4.1. OverviewThe serial port configuration capability allows the user to configure the host mode of each port, serialcom

37Table 4-1 Serial port configuration parametersPort Enable/DisablePort titleApply all port settings (Individual serial port setting only)TCP listenin

38Enable/Disable Email notificationTitle of EmailEmailnotificationRecipient’s Email addressEnable/Disable SNMP notificationTitle of SNMP trapSNMP trap

39Figure 4-1 Serial port configuration main screen4.2. Individual Port ConfigurationThe STS Series allows serial ports to be configured either individ

4Contents1. Introduction 81.1. Overview ...

404.2.1. Port Enable/DisableEach serial port can be enabled or disabled. If a serial port is disabled, users cannot access the serialport. Figure 4-2

41Figure 4-3 Port title configuration4.2.3. Apply All Port SettingsTo prevent the possibility of the user inadvertently selecting to change all port s

424.2.4. Host Mode ConfigurationThe STS Series operating mode is called the “host mode”. Three host modes are available: TCPmode, UDP mode, Modem emul

434.2.4.1. TCP ModeFor easier understanding of TCP modes, a simplified State Transition Diagram is often used. And tohelp users understand the diagram

441) Typical State Transition[Listen] --> [Sync-Received] --> [Established] --> [Data] --> [Closed] --> [Listen]Or[Listen] --> [Sync

45 User AuthenticationIn TCP mode, STS Series support user authentication for port access. If this option is enabled, usershould enter the user ID an

46EstablishedInactivity time-outTCP connection request rejectedOr internal TCP time-outTCP connection request acceptedSync-SentIncoming data via seria

47 TCP Nagle algorithmModern TCP implementations include a mechanism, known as the Nagle algorithm, which preventsthe unnecessary transmission of a l

48 Send to recent unlisted remote hostIf Send to recent unlisted remote host function is set as ‘Yes’, STS Series sends data to the remotehost, which

49By using the modem emulation mode of the STS Series, users can have their serial device connectedto the Ethernet network easily, which is cheaper th

54.1. Overview ...364.2

50ATBn, ATCn, ATLn, ATMn,ATNn, ATP, ATT, ATYn,AT%Cn, AT%En, AT&Bn,AT&Gn, AT&In, AT&Qn,AT&V, ATMn, AT\An,AT\Bn, AT\Nn, ATXnnone OK

514.2.5. Remote Host ConfigurationRemote host configuration is the list of hosts that will receive data from serial port of STS Series whenthere is da

52Figure 4-9 Port IP filtering for serial ports4.2.7. Cryptography ConfigurationThe STS Series supports encrypted sessions for only TCP mode including

53symmetric key encryption. Symmetric key encryption is much faster than public-key encryption, butpublic-key encryption provides better authenticatio

54that the client portion of the handshake is finished.9. The server sends a message to the client informing it that future messages from the server w

55algorithm is used to encrypt the bulk of data transmitted across the SSL/TLS connection. The hashalgorithm is used to protect transmitted data again

56Figure 4-11 Cryptography configuration4.2.7.2. 3DES Cryptography MethodBy setting the cryptography method as 3DES, the STS Series can communicate wi

57 PaddingThe padding is a standard block cipher. The pad value is the total number of pad bytes in thepadding(1~8).In 3DES algorithm in STS Series,

58Note: File uploading is supported only in console menu. For more information about file uploading,please refer to 6.10 User File Uploading section.F

59Figure 4-15 UART configuration ParityParity can be none, even or odd. The factory default setting is none. Stop bitsStop bits can be between 1 bit

68. CLI guide 938.1. Introduction...

60 DTR/DSR behaviorThe purpose of the DTR/DSR pin is to emulate modem signal control or to control TCP connectionstate by using serial port signal. T

614.2.10. Modem ConfigurationThe STS Series supports direct modem connection to the serial port of it. When user wants to connectmodem to a serial por

62Figure 4-16 Modem configuration4.2.11. Port LoggingWith the port logging feature, the data sent through the serial port is stored to MEMORY, an ATA/

63all port buffer size of each serial port should be smaller than or equal to 3200 Kbytes). The factorydefault setting is 4 Kbytes.When using an ATA/I

64remote hosts could be monitored and managed in the same way of the port keywords as well.Each reaction can be configured individually upon each keyw

65Figure 4-18Port event handling configurations SNMP trap communityThis parameter set a community that will be included in SNMP trap message when pre

66 SNMP trap versionThis parameter set a version of SNMP trap, which will be sent when pre-defined keyword is detected.[Status event edit] Device co

674.3. All Port ConfigurationsIf modifications are being made to all serial ports are similar or the same, changes can be made to theserial port confi

68 Port enable/disableThis parameter enables or disables port function. Port titleIf this parameter is set with a certain string, the port title of

695. PC Card ConfigurationThe STS Series has one extra PC card slot for increased expandability. It supports four types of PCcards:- Wireless LAN card

7Appendix 6. Using STS Series With Serial/IP 120A 6.1. STS Series vs. Serial/IP Options ...

70Figure 5-2 Failure to detect error messageRefer to Appendix 2. PC Card Supported By STS to view a list of PC cards support by the STS Series.To stop

71The user must manually select PC LAN card as the card type and set the primary and secondary DNSservers when configuring a PC LAN card. All other co

72The STS Series supports SSID(Service Set Identifier) and WEP(Wired Equivalent Privacy) key featurefor the wireless LAN configuration. The user may c

73Figure 5-6 PC ATA/IDE fixed disk card configuration

746. System AdministrationThe STS Series display the system status and the log data via a Status Display Screen. This screen isto be used for manageme

75internal memory is used to store system log data, the log data will be cleared when the STS Series isturned off. To preserve the system log data, se

766.3. User Logged On ListThis function allows a user to view current and historical user activity on the shell of STS Series.Figure 6-3 User logged o

776.5. Device Name ConfigurationThe STS Series has its own name for administrative purposes. Figure 6-5 shows the device nameconfiguration screen. Whe

786.7. Date And Time SettingsThe STS Series maintains current date and time information. The STS Series clock and calendarsettings are backed up by in

796.8. Configuration ManagementThe user may export the current configurations to a file at such locations as CF card, NFS server, userspace or local m

81. Introduction1.1. OverviewThe STS Series is a secure terminal server (or device server) that makes your legacy serial devicesmanageable by industry

80To export the current configurations, follow this:1. Select the location to export to.2. Select the encrypting option3. Type the file name.4. Click

81To upgrade firmware via a remote console:1. Obtain the latest firmware.2. Connect the terminal emulation program using either TELENT/SSH or a serial

82Figure 6-11 Transfer binary file by Zmodem (HyperTerminal)--->9Do you want to upgrade firmware? (y/n): yTransfer firmware by zmodem using your te

831. Prepare user file to be uploaded.2. Connect the terminal emulation program using either TELNET/SSH or a serial console port.(TELNET or SSH is rec

84Do you want to upload a file to user space? (y/n): yEnter a filename: test.txtThe file will be saved as /usr2/test.txt.Transfer a file by zmodem usi

857. System StatisticsThe STS Series Web interface provides system statistics menus. The user can use the menus toaccess statistical data and tables s

86Figure 7-2 Serial ports status7.3. IP StatisticsThe IP Statistics screen provides statistical information about packets/connections using an IPproto

87 InUnknownProtos :Specifies the number of locally addressed datagrams received successfully but discarded because ofan unknown or unsupported proto

88 FragFails :Specifies the number of datagrams that need to be fragmented but couldn't be because the IP headerspecifies no fragmentation. For

89 InTimeExcds, OutTimeExcds :Specifies the number of time-to-live (TTL) exceeded messages received or sent. A time-to-liveexceeded message is sent t

91.2. Package Check List- STS Series external box- External 110V or 230V power supply or power cord- CAT5 cable- Console cable kit- Quick Start Guide1

90 InAddrMaskReps, OutAddrMaskReps :Specifies the number of address mask responses received or sent. A computer sends an addressmask response in resp

91 RtoMax :Specifies the maximum retransmission time-out value in milliseconds. MaxConn :Specifies the maximum number of connections. If is the maxi

92Figure 7-5 TCP statistics7.6. UDP StatisticsThe UDP Statistics screen provides statistical information about packets/connections using a UDPprotocol

938. CLI guide8.1. IntroductionThe STS Series root or System Administrator (only admin account is added for this group user byfactory default) can acc

948.3. Supported Linux Utilities8.3.1. Shell & Shell Utilities:sh, ash, bash, echo, env, false, grep, more, sed, which, pwd8.3.2. File And Disk Ut

958.5. Editing STS Series Configuration In CLI8.5.1. Configuration File Save/Load Mechanism:1) While booting, the STS Series uncompresses /cnf/cnf.tar

968.7. File TransmissionThe users can use an ftp client for file transmission and use /usr2 directory for data read/[email protected]:~# cd /usr

97Step 3 Edit usr2/rc.user script as follows:#!/bin/bash## rc.user : Sample script file for running user programs at boot time##PATH=/bin:/usr/bin:/sb

988.8.2. Periodical Program ExecutionUser can use crontab to execute a specific program periodically. To enable periodical jobs usingcrontab, please c

999. User Customization Guide9.1. IntroductionThe STS Series supports various ways of customization so that user can fit STS Series for his ownpurpose