instruction manual NXC-ME260 NetLinx Master-Ethernet Card/Module N e t L i n x C e n t ra l C o n t r o l l e r s a n d C a r d s
AMX Limited Warranty and Disclaimer AMX Corporation warrants its products to be free of defects in material and workmanship under normal use for three (3) years from the date of purchase from AMX Corporation, with the following exceptions: • Electroluminescent and LCD Control Panels are warranted for three (3) years, except for the display and touch overlay components that are warranted for a period of one (1) year.
Table of Contents Table of Contents Product Information .................................................................................................1 Front and rear panel components ............................................................................................ 1 Specifications .................................................................................................................... 2 Rear panel LEDs: ICSNet/ICSHub................................................................
Table of Contents Communication and Firmware Update ................................................................. 19 Communicating with the Master via the Program Port.................................................... 19 Verifying the current version of NetLinx Master firmware ...................................................... 20 Setting the System Value................................................................................................ 21 Working with multiple NetLinx Masters ......
Table of Contents Master Security Setup Procedures.................................................................................. 51 Setting the system security options for a NetLinx Master (Security Options Menu) .............. 51 Adding a Group and assigning their access rights................................................................. 52 Modifying an existing Group’s access rights .......................................................................... 53 Showing a list of authorized Groups .
Table of Contents Option 9 - Delete Group ......................................................................................................... 82 Option 10 - Show List of Authorized Groups.......................................................................... 83 Option 11 - Set Telnet Timeout in seconds............................................................................ 83 Option 12 - Display Telnet Timeout in seconds .....................................................................
Product Information Product Information The NXC-ME260 (FG2010-60) is a Master-Ethernet Card for use within NetLinx systems. This card provides a 10/100 Base-T Ethernet connection and an RJ-11 SPE (Server Port Expander) connector for use with an AXB-SPE (Server Port Expander). The NXC-ME260 is the only Master card you will need, as it incorporates the functionality of all previous NetLinx Master Cards (NXC-M, NXC-ME, and NXC-MPE).
Product Information Specifications NXC-ME260 Specifications Dimensions (HWD): NXC Card 1.38" x 5.43" x 9.25" (35.1 mm x 138.0 mm x 235.0 mm) NXS Module 1.64" x 5.55" x 9.28" (41.7 mm x 141.0 mm x 236.0 mm) Weight: NXC-ME260 only: 0.55 lbs (0.25 kg) NXC-ME260 with NXS-NMS module: 1.95 lbs (0.
Product Information NXC-ME260 Specifications (Cont.) Rear Panel Components (Cont:) AXlink connector 4-pin (male) black captive-wire connector provides data and power to external control devices. • Power rating = 6 A max; actual load depends on connected power supply. Axlink Status LED Green LED lights to show AXlink and expansion port data activity. Program port 5-pin (male) grey connector for system programming and diagnostics.
Product Information 4 NXC-ME260 NetLinx Master-Ethernet Card/Module
Installation and Wiring Installation and Wiring This section contains information about configuring the Program port, cable configurations, connector pinouts, and NXC-ME260 installation procedures. Setting the Program Port DIP Switch Prior to installing the NXC-ME260, configure the Program port’s communication speed by setting the baud rate DIP switch (SW1) to the appropriate setting. The Program port’s DIP switch is located to one side of the Master’s RS232 Program port.
Installation and Wiring PRD mode prevents the NetLinx program stored in the Master from running when you power up the NXC-ME260. PRD mode should only be used when you suspect the resident NetLinx program is causing inadvertent communication and/or control problems. If necessary, place the Master in PRD mode and use the NetLinx Studio 2.1 program to resolve the communication and/or control problems with the resident NetLinx program. Then, download the new NetLinx program and try again.
Installation and Wiring Modes and Front Panel LED Blink Patterns The following table lists the modes for the ME260 and blink patterns displayed on the front panel LEDs for each mode. These patterns are not evident until after the unit is powered. Modes and LED Blink Patterns LEDs and Blink Patterns STATUS (green) OUTPUT (red) INPUT (yellow) Mode Description OS Start Starting the operating system (OS). On On On Boot Master is booting.
Installation and Wiring Wiring length guidelines The Master requires a 12 VDC power from a PSN to operate properly. The unit should only have one source of incoming power. Using more than one source of power to the Master can result in damage to the internal components and a possible burn out. An auxiliary 12 VDC power supply can provide power to the Master. Refer to the following table for wiring length information: Wiring Length Guidelines @ 750 mA Wire Size Maximum wiring length 18 AWG 156.
Installation and Wiring Using the 4-pin mini-Phoenix connector for data with external power To use the NetLinx 4-pin 3.5 mm mini-Phoenix (female) captive-wire connector for data communication and power transfer; the incoming PWR and GND cable from the PSN must be connected to the AXlink cable connector going to the NXC-ME260. FIG. 7 shows the wiring diagram. Always use a local power supply to power the Master card.
Installation and Wiring RS232 Program port (front panel) The following table shows the front panel RS232 (DB9) Program Port connector (male), pinouts, and signals. RS232 Program Port, Pinouts, and Signals Program Port Connector 9 8 5 4 3 2 1 Pin Signal 2 RX 3 TX 5 GND 7 RTS 8 CTS 7 6 Male 5-Pin Program port (rear panel) The table below lists the pinouts and signals for the grey rear panel 5-pin 3.5 mm mini-Phoenix Program port connector.
Installation and Wiring RJ-45 Pinout Information (EIA/TIA 568 B) Pin Wire Color Polarity Function 1 Orange/White + Transmit 2 Orange - Transmit 3 Green/White - Mic 4 Blue - Ground 5 White/Blue + 12 VDC 6 Green + Mic 7 White/Brown + Receive 8 Brown - Receive T IA 5 6 8 B 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8 (female) (male) RJ-45 connector - pin configurations Unlike the ICSNet ports, the ICSHub connections require a specific polarity.
Installation and Wiring ICSHub OUT port The following table describes the pinout and signal information for the ICSHub OUT port. ICSHub OUT Pinouts and Signals Pin Signal Color 1 RX + orange-white 2 RX - orange 3 ------ ------ 4 ------ ------ 5 ------ ------ 6 ------ ------ 7 TX + brown-white 8 TX - brown Ethernet 10/100 Base-T RJ-45 Connections/Wiring The following table lists the pinouts and signals associated to the Ethernet connector. FIG.
Installation and Wiring Ethernet ports used by the ME260 Ethernet Ports Used by the ME260 Port type Description Standard Port # ICSP Peer-to-peer protocol used for both Master-to-Master and Master-to-device 1319 (UDP/TCP) communications. For maximum flexibility, the Master can be configured to utilize a different port than 1319, or disable ICSP over Ethernet completely from either Telnet or the Program Port located on the rear of the Master itself. ICMP When using version 1.
Installation and Wiring EXPANSION OUT connector on rear of NXC-ME260 NXC-ME260 ETHERNET 10/100 PWR RX TX FD CTS PWR AXlink RTS AXP GND 12VDC AXM SPEED IN GND Master-Ethernet PROGRAM OUT ICSNet ICSHub EXPANSION 1st AXB-SPE (rear panel) IN OUT RJ-11 cable (6" max) EXPANSION 2nd AXB-SPE (rear panel) OUT FIG. 10 Daisy chaining two or more AXB-SPE's off of an NXC-ME260 SPE cable pinout information The following table gives pinout information for the RJ-11 SPE connector.
Installation and Wiring NXC-ME260 Installation and Mounting Procedures Mounting the ME260 into an NXS-NMS 1. Confirm the contents of the shipment box to verify that you have all specified parts. Refer to the NXC-ME260 Specifications section on page 2 for more information about included and optional accessories. 2. Carefully remove the NXS-NMS Master/Hub Module from the shipping box. 3. Pull-away the magnetic faceplate from the front of the NXS-NMS.
Installation and Wiring Mounting the NXC-ME260 in an NXF CardFrame or NXI The NXC-ME260 can be installed in a NetLinx CardFrame (NXF) or NetLinx Integrated Controller (NXI). In both cases, the card mounts in a horizontal position, through the Master card slot on the rear panel of the enclosure. FIG. 13 shows the Master Card slot on the NXF CardFrame. Master card slot on NXF CardFrame (rear panel) FIG. 13 Master card slot on rear panel of the NXF CardFrame FIG.
Installation and Wiring Replacing the Lithium Batteries The NXC-ME260 is equipped with two lithium batteries (FG57-0013) that have a life of approximately 2.5 years to protect their memory. When DC power is on, the batteries (FIG. 15) are not used. When replacing the batteries, remove one at a time to avoid losing the program in memory. Battery (CR2032 type - 20mm coin cell) socket FIG. 15 Lithium battery and socket 1. Discharge the static electricity from your body by touching a grounded metal object.
Installation and Wiring 18 NXC-ME260 NetLinx Master-Ethernet Card/Module
Communication and Firmware Update Communication and Firmware Update This section outlines the steps necessary to setup a NetLinx Master for communication and then update the on-board firmware. Verify that the NetLinx Master firmware is build 139. Later versions of firmware can not be used on this ME260 Master. Before beginning: 1. Setup and configure your NXC-ME260. Refer to the Installation and Wiring section on page 5 for setup procedures. 2.
Communication and Firmware Update FIG. 16 Assigning Communication Settings and Baud Rates 7. Set the COM port parameters for the selected COM port being used for communication to the NetLinx Master. Default parameters are: COM1, 38400, 8 Data Bits, No Parity, 1 Stop Bit, and No Flow Control. 8. Click OK three times to close the open dialogs and save your settings.
Communication and Firmware Update Showing the current version of the NetLinx Studio FIG. 17 Initial NetLinx Workspace window (showing the OnLine Tree tab) Setting the System Value 1. Access/open the Device Addressing dialog (FIG. 18) by either one of these two methods: Right-click on any System item listed in the OnLine Tree tab of the Workspace and select Device Addressing (from the pop-up list). Select Diagnostics > Device Addressing from the Main menu.
Communication and Firmware Update the Master to reboot. The STATUS and OUTPUT LEDs should begin to alternately blink during the incorporation. Wait until the STATUS LED is the only LED to blink. 7. Right-click the associated System number and select Refresh System to establish a new connection to the specified Master and refresh the System list with devices on that system. 8. Use Ctrl+S to save your existing NetLinx Project with the new changes.
Communication and Firmware Update If the Master does not appear in the Workspace window, check to make sure that the Master’s System Number (from within the Device Addressing tab) is correctly assigned. If there is a problem, use a system value of zero (0) on the Master. Changing the Device Address on a Netlinx Device 1. Access the Device Addressing dialog (FIG.
Communication and Firmware Update If the Master does not appear in the Workspace window, make sure that the Master’s System Number (from within the Device Addressing tab) is correctly assigned. If there is a problem, use a system value of zero (0) on the Master. Changing the device address on the Modero panel The device address on a Modero touch panel can not be changed from the Device Addressing dialog. The correct procedure to change a device address is: 1.
Communication and Firmware Update Resetting the Factory Default System and Device Values 1. Access the Device Addressing dialog (FIG. 19 on page 23) by either one of these two methods: Right-click on any system device listed in the Workspace and select Device Addressing. Select Diagnostics > Device Addressing from the Main menu. 2. Click the Set Device/System to Factory Default button. This resets both the system value and device addresses (for definable devices) to their factory default settings.
Communication and Firmware Update System Address reflects the value set in the Device Addressing tab Used to display the IP Address given to the Master from the DHCP Server FIG. 20 Network Addresses dialog (showing Get IP) DO NOT enter ANY IP information at this time, this step only gets the System Master to recognize that it should begin using an obtained DHCP Address. 6. Note the obtained IP Address.
Communication and Firmware Update Assigning a Static IP to the NetLinx Master 1. Select Diagnostics > Network Addresses from the Main menu. 2. Verify the System number corresponds to the value previously assigned in the Device Addressing tab for the specific System Master. 3. Verify that zero (0) is entered into the Device field. The system value must correspond to the Device Address previously entered in the Device Addressing tab.
Communication and Firmware Update Communicating with the NetLinx Master via an IP Whether the Master’s IP Address was Set (Set IP Info) or obtained (Get IP Info), use the information from the Network Addresses dialog to establish a new communication method to the Ethernet connected Master. 1. Launch NetLinx Studio 2.1 (default location is Start > Programs > AMX Control Disc > NetLinx Studio > NetLinx Studio 2.1). 2.
Communication and Firmware Update 11. Select Tools > Reboot the Master Controller to access the Reboot the Master dialog, then click Continue to reboot the Master and incorporate any changes. Allow 20 - 30 seconds for the Master to reboot. The STATUS and OUTPUT LEDs should begin to alternately blink during the incorporation. Wait until the STATUS LED is the only LED to blink. 12. Click the OnLine Tree tab in the Workspace window to view the devices on the System. The default System value is one (1). 13.
Communication and Firmware Update 4. If the firmware version is not build 139 (v2_XX_139) for the NXC-ME260; locate the latest firmware file from www.amx.com > Tech Center > Downloadable Files > Firmware Files > NetLinx Masters. 5. Verify you have downloaded the latest Master firmware (KIT) file to a known location. 6. Select Tools > Firmware Transfers > Send to NetLinx Device from the Main menu to open the Send to NetLinx Device dialog (FIG. 24).
Communication and Firmware Update 12. Repeat steps 8 - 11 again (the last component will successfully be installed). 13. Click Close once the download process is complete. The OUTPUT and INPUT LEDs alternately blink to indicate the Master is incorporating the new firmware. Allow the Master 20 - 30 seconds to reboot and incorporate the new firmware. 14. Right-click on the System entry and select Refresh System.
Communication and Firmware Update 32 NXC-ME260 NetLinx Master-Ethernet Card/Module
NetLinx Security and Web Server NetLinx Security and Web Server NetLinx ME260 Masters (installed with firmware build 139 incorporate new built-in security and SSL certificate verification capabilities. By using both SSL certificate verification and secured HTTP access, this new NetLinx firmware provides users with a more convenient web-based method of securing both the Master and the incoming and outgoing information.
NetLinx Security and Web Server When using Mozilla on a Linux machine, the Group Rights column checkboxes (from within the Modify User page) can become greyed-out but are actually present. New Master Firmware Security Features Master Security Telnet Security Terminal (RS232 Program port) security HTTP (Web Server) Security FTP Security SSL Certificate Encryption and Identification Technology Installation of this new SSL functionality onto your Master will cause security setup via Telnet to be disabled.
NetLinx Security and Web Server NetLinx Security Terms (Cont.) Directory Associations A Directory Association is a path that defines the directories or files a particular user or group can access via the Web Server on the NetLinx Master. This character string can range from 1 to 128 alpha-numeric characters. This string is case sensitive. This is the path to the file or directory you want to grant access.
NetLinx Security and Web Server G3 panel pages accessed through the WebControl tab are virtual pages created by a user in TPDesign3 and then downloaded to the target Master. Interaction with these pages are not reflected on an actual G3 panel unless you use specific programming commands that link these virtual pages with their real G3 panel counterparts.
NetLinx Security and Web Server The NetLinx user account is created to be compatible with previous NetLinx Master firmware versions. This account is initially created by default and can later be deleted or modified. The administrator group account cannot be deleted or modified. The FTP Security and Admin Change Password Security are always enabled and cannot be disabled. Internet Explorer is used for the purposes of these instructions.
NetLinx Security and Web Server Security Tab Features (Cont.) SSL Certificate section Allows an authorized user to select the method for SSL certificate generation and implementation on the target Master. • A certificate can be self generated, requested, or regenerated. • Once a certificate has been installed onto a target Master, that certificate remains there until it is either replaced or regenerated.
NetLinx Security and Web Server Security System Features (Cont.) OK/Cancel • Press OK to accept any changes made within this tab and incorporate the information into the target Master. • Press Cancel to void any changes made within this tab, exits without making changes to the target Master, and blanks-out the Security tab. You must first enable the Master Security selection and then click OK before altering any settings.
NetLinx Security and Web Server Add Group Entries (Cont.) OK/Cancel • Press OK to accept any changes made within this tab and incorporate the information into the target Master. • Press Cancel to void any changes made within this tab, disables the security configuration session, voids any changes made to the Master, and returns you to the empty Security tab. A User represents a single potential client of the NetLinx Master, while a Group represents a logical collection of users.
NetLinx Security and Web Server Modify Group Entries (Cont.) HTTP Access This selection enables or disables Web Server access for the selected group. Telnet Access This selection enables or disables Telnet Security for the selected group. Security Config Access This selection enables or disables the ability of a group to alter the Security Configuration settings. OK/Cancel/Delete • Press OK to accept any changes made within this tab and incorporate the information into the target Master.
NetLinx Security and Web Server Here are some examples of valid entries: Valid Directory Association Entries Path Description / Enables access to the all files within the user’s main directory and subdirectories. /* Enables access to the all files within the user’s main directory and subdirectories. /user1 If user1 is a file in the user directory, only the file is granted access. If user1 is a subdirectory of the user directory, all files in the user1 and its sub-directories are granted access.
NetLinx Security and Web Server Security tab - Add User page The Users > Add User link allows an authorized user to add a user account (FIG. 30) and then assign that user’s current access rights. FIG. 30 Security Tab - Add User Add User Entries Feature Description User ID (user name) A valid character string defining the name of the user (4 - 20 alpha-numeric characters). The string is case sensitive and must be unique. Group Provides a drop-down listing of the available groups.
NetLinx Security and Web Server Security tab - Modify User page The Users > Modify User link allows an authorized user to select from a listing of available users (FIG. 31) and then modify the Master’s access rights for the selected user. Group Rights are greyed-out and are read-only from within Modify User. The Group Rights column will appear greyed-out when viewed within the Mozilla browser on a Linux machine. FIG.
NetLinx Security and Web Server Modify User Entries (Cont.) Telnet Access This selection enables or disables Telnet access for the selected user. Security Config Access This selection enables or disables the ability of a user to alter the Security Configuration settings. Password/Confirm Enter a new password assigned to the selected user. • A user password is a valid character string (4 - 20 alpha-numeric characters). The string is case sensitive and must be unique.
NetLinx Security and Web Server A single '/' is sufficient to grant access to all files and directories in the user directory and it's subdirectory. The '/*' wildcard can also be added to enable access to all files. All entries should start with a '/'. Here are some examples of valid entries: Valid Directory Association Entries Path Description / Enables access to the user directory and all files and subdirectories in that user directory.
NetLinx Security and Web Server Security tab - SSL Server Certificate page A certificate is a cryptographically signed object that associates a public key and an identity. Certificates also include other information in extensions such as permissions and comments. A "CA" is short for Certification Authority and is an internal entity or trusted third party that issues, signs, revokes, and manages these digital certificates.
NetLinx Security and Web Server Server Certificate Entries (Cont.) City/Location Name of the city where the certificate is used. This is an alpha-numeric string (1 - 50 characters in length). State/Province Name of the state or province where the certificate is used. This is an alpha-numeric string (1 - 50 characters in length). Country Name Provides a drop-down selection with a listing of currently selectable countries.
NetLinx Security and Web Server Security tab - Export Certificate Request page The SSL > Export Certificate Request link opens an Export Certificate Request field (FIG. 34) where an authorized user can copy the raw text from a generated Certificate request into their clipboard and then send it to the CA. FIG. 34 Security Tab - Export Certificate Request field Security tab - Import Certificate page The SSL > Import Certificate link opens an Import Certificate field (FIG.
NetLinx Security and Web Server System Tab Displays the firmware version and log information for the NetLinx Master (FIG. 36). FIG. 36 System Tab Show Devices Tab Displays the device values and firmware versions of devices connected to the current NetLinx Master System (FIG. 37). FIG. 37 Show Devices tab Network Tab Provides a list of the DNS and URL associated with the NetLinx Master. The DNS List identifies the Domain Name servers that translates domain names for the Master into IP Addresses.
NetLinx Security and Web Server Master Security Setup Procedures Setting the system security options for a NetLinx Master (Security Options Menu) 1. Enter the URL/IP Address of the target Master into the Address/URL field within the web browser. Refer to the Accessing the NetLinx Master via an IP Address section on page 35 for more detailed instructions on using your web browser to access your Master. 2. Click on the Security tab.
NetLinx Security and Web Server 6. Click on the checkbox next to SSL Enable to enable the use of SSL encryption and server certificate usage. Activating this feature requires the creation of a server certificate. Refer to the SSL Certificate Procedures section on page 61 for instructions on creating and requesting a server certificate for the target Master. Before initially enabling the SSL feature on the Master, a self-generated certificate should first be installed.
NetLinx Security and Web Server 4. Click on the checkbox next to the requested access rights desired for the selected group. Placing a check in these fields activates the access rights (Terminal/Admin Change/FTP/ HTTP/Telnet/Security Configuration). Refer to the Security tab - Add Group page section on page 39 for more detailed field descriptions. 5. Click OK to accept and save the changes made on this tab to the Master.
NetLinx Security and Web Server 5. Click OK to accept and save the changes made on this tab to the Master. Clicking Delete removes the selected group from the list of authorized groups on the Master. Clicking Cancel voids any changes made within this tab, disables the security configuration session, voids any changes made to the Master, and returns you to the empty Security tab. 6. Successful modification of the new group results in an on-screen message "Group ‘XXX’ modified".
NetLinx Security and Web Server Adding a Group directory association 1. Click on the Security tab. By default this tab is blank until a security option is selected from the left of the browser window. Refer to the Security tab - Group Directory Associations page section on page 41 for more detailed descriptions on the security configuration options. 2.
NetLinx Security and Web Server Not only can an administrator provide group access to a file or folder on the Master, but also to an Application tab displayed within the web browser (such as Show Devices or Network). To add an association to an Application tab, enter the association location (ex: /showdevices.asp) into the Adding Association field. 5. Click Add to add the new directory path to the group and save it to the Master. 6.
NetLinx Security and Web Server Adding a User and configuring their access rights 1. Click on the Security tab. By default this tab is blank until a security option is selected from the left of the browser window. Refer to the Security tab - Add User page section on page 43 for more detailed descriptions on the security configuration options. 2.
NetLinx Security and Web Server Each selection simply toggles the security setting from enabled to disabled. Modifying an existing User’s access rights 1. Click on the Security tab. By default this tab is blank until a security option is selected from the left of the browser window. Refer to the Security tab - Modify User page section on page 44 for more detailed descriptions on the security configuration options. 2.
NetLinx Security and Web Server 6. Enter the same password for the user into both the Password and Confirm fields, if you want to change the password. Leaving this field blank retains the current or previous password. A user password is a valid character string (4 - 20 alpha-numeric characters) that is used to supplement the user name/ID in defining the potential client. The string is case sensitive and must be unique. 7. Click OK to accept and save the changes made on this tab to the Master.
NetLinx Security and Web Server Adding a User directory association 1. Click on the Security tab. By default this tab is blank until a security option is selected from the left of the browser window. Refer to the Security tab - User Directory Associations page section on page 45 for more detailed descriptions on the security configuration options. 2.
NetLinx Security and Web Server Confirming the new directory association 1. Click on the Security tab. 2. Click the Directory Associations link. 3. From the Delete Association section of the User Directory Associations window, click the down arrow from the Select Association field to open a list of associations and confirm the new directory association has been assigned to the user. Deleting a directory association 1. Click on the Security tab. 2. Click the Directory Associations link. 3.
NetLinx Security and Web Server Self-Generating a SSL Server Certificate Request 1. Click on the Security tab (FIG. 45). Refer to the Security tab - SSL Server Certificate page section on page 47 for more detailed descriptions on the security configuration options. 2. Click the Server Certificate link (on the left of the browser window) to display the Security tab with the fields necessary for developing a new certificate. FIG. 45 Security tab - showing the Server Certificate creation fields 3.
NetLinx Security and Web Server 11. Choose Self Generate Certificate from the drop-down list. When this request is submitted, the certificate is generated and installed into the Master in one step. 12. Click OK to save the new encrypted certificate information to the Master or click Cancel to void any changes made within this tab and exit without making changes to the target Master. ONLY use the Regenerate certificate option when you have Self Generated your own certificate.
NetLinx Security and Web Server 10. Click the down arrow from the Action field to open a drop-down listing of available certificate generation options. 11. Choose Create Request from the drop-down list. 12. Click OK to accept the information entered into the above fields and generate a certificate file. Refer to the Security tab - Export Certificate Request page section on page 49.
NetLinx Security and Web Server 4. Click OK to enter the new encrypted certificate information and save it to the Master or click Cancel to void any changes made within this tab and exit without making changes to the target Master. Once a certificate has been purchased from an external CA and then installed onto a specific Master, DO NOT regenerate the certificate or alter its properties (example: bit length, city, etc.).If the purchased certificate is regenerated, it becomes invalid.
NetLinx Security and Web Server This method of certificate generation is used to modify or recreate a previously existing certificate already on the Master. By default, if a certificate is already present on the target Master, the Display Certificate Action is selected and these fields are populated with information. EX: if the company has moved from Dallas to Houston, all of the information is reentered exactly except for the City. 3. Enter any new or changed information into its respective field. 4.
NetLinx Security and Web Server 4. Enter the name of the server being used (this is the Master). The server name is the name as it shows up in the URL of the Master you are securing with this server certificate. For example, if the URL of the Master will be https://www.myNetLinxMaster.com/, then enter the server name as www.myNetLinx Master.com. 5. Send the CA the text created by your certificate request through the Master.
NetLinx Security and Web Server Accessing an SSL-Enabled Master via an IP Address 1. Enter the IP Address of the target Master (example: 198.198.99.99) into the web browser Address field. 2. Press the Enter key on your keyboard to begin the communication process between the target Master and your computer. 3. The user is then presented with a Security Alert popup window and Certificate information (FIG. 46). FIG.
NetLinx Security and Web Server 6. The user is then presented with a Certificate Import Wizard that begins the process of adding the certificate (FIG. 47). FIG. 47 Certificate Import Wizard 7. Click Next to proceed with the certificate store process. FIG. 48 Certificate Import Wizard- storing the certificate 8. Click Next to automatically use the default certificate store settings and locations (FIG. 48). 9. Click Finish button to finalize the certificate installation process. 10.
NetLinx Security and Web Server 18. The first tab displayed within your open browser window is WebControl. Using your NetLinx Master to control the G4 panel Refer to the specific panel instruction manual for detailed information on configuring and enabling WebControl. Once the Master’s IP Address has been set through NetLinx Studio (version 2.1 or higher): 1. Launch your web browser. In order to fully utilize the SSL encryption, your web browser should incorporate the an encryption feature.
NetLinx Security and Web Server FIG. 50 WebControl VNC installation and Password entry screens 8. Click Yes from the Security Alert popup window to agree to the installation of the G4 WebControl application on your computer. This application contains the necessary Active X and VNC client applications necessary to properly view and control the panel pages from your computer. The G4 WebControl application is sent by the panel to the computer that is used for communication.
NetLinx Security and Web Server 2. Click on the Download Java Web Start > Download Java Web Start 1.4.2 link to begin the download of the application to your hard drive and follow the installation procedures recommended by the application. 3. Restart your computer and launch your browser. 4. Repeat steps 1 - 5 from the previous section to launch the WebControl tab associated with your Master. 5. Click on the G3 panel name link associated with the target panel. 6.
NetLinx Security with a Terminal Connection NetLinx Security with a Terminal Connection NetLinx ME260 Masters (build 139) have built-in security capabilities. It will require a valid user name and password to access the NetLinx System’s Telnet, HTTP and FTP servers. The security capabilities are configured and applied via a Telnet connection or the NetLinx Master’s RS-232 terminal interface (the RS232 Program port). Always use the RS232 Program port when entering potentially sensitive security information.
NetLinx Security with a Terminal Connection 4. Enter any text into the Name field of the HyperTerminal Connection Description dialog window and click OK when done. 5. From the Connect Using field, click the down-arrow and select the COM port being used for communication by the target Master. 6. Click OK when done. 7. From the Bits per second field, click the down-arrow and select the baud rate being used by the target Master.
NetLinx Security with a Terminal Connection Option 1 - Set system security options for NetLinx Master (Security Options Menu) Type 1 and at the Security Setup prompt (at the bottom of the Main Security Menu) to display the Security Options Menu. The Security Options Menu sets the "global" options for the NetLinx Master. It is accessed by the Set Security system options of the Main Security Menu. This first thing that will happen is you will be asked one of two questions.
NetLinx Security with a Terminal Connection Changes made to the target Master from within the Terminal window are not reflected within the web browser, until the Master is rebooted and the web browser connection is refreshed. Any changes made to the Master, from within the web browser are instantly reflected within the Terminal session without the need to reboot.
NetLinx Security with a Terminal Connection 4. Enter a password for the new user. A password is a valid character string (4 - 20 alpha-numeric characters) to supplement the user name in defining the potential client. This string is also case sensitive. 5. The session then prompts you to verify the new password. Enter the password again, and press . 6. Assuming the password was verified, the session then displays the Edit User menu (see below). Option 4 - Edit User 1.
NetLinx Security with a Terminal Connection The Edit User Menu options are described in the following table: Edit User Menu Command Description 1) Change User Password This selection prompts you to enter the new password (twice) for the user. Once the new password is entered, the user must use the new password from that point forward. 2) Change Inherits From Group This selection will display the current group the user is assigned to (if any).
NetLinx Security with a Terminal Connection Access Rights Menu Command Description 1) Terminal (RS232) Access (Enable/Disable) Enables/disables Terminal (RS232 Program port) Access. The account has sufficient access rights to login to a Terminal session if this option is enabled. 2) Admin Change Password Access (Enable/Disable) Enables/disables Administrator Change Password Access. The account has sufficient access rights to change the administrator password if this option is enabled.
NetLinx Security with a Terminal Connection 2. Enter a name for the group. A group name is a valid character string (4 - 20 alpha-numeric characters) defining the group. This string is case sensitive, and each group name must be unique. 3.
NetLinx Security with a Terminal Connection access to a file or directory. From the answer, it will enter the appropriate Directory Association. The NetLinx Master will not create the path if it is not valid. That must be done via another means, most commonly by using an FTP client and connecting to the FTP server on the NetLinx Master. Edit Group menu: Delete directory association 1. At the Edit Group prompt, type 2 to delete an existing directory association.
NetLinx Security with a Terminal Connection Edit Group menu: Display Access Rights 1. At the Edit Group prompt, type 5 to view the current access rights for the selected group account. A sample session response is: Terminal (RS232)...................Disabled Admin Password Change..............Disabled FTP................................Disabled HTTP...............................Disabled Telnet.............................Disabled Security Configuration.............
NetLinx Security with a Terminal Connection Option 10 - Show List of Authorized Groups 1. Type 10 and at the Security Setup prompt (at the bottom of the Main Security Menu) to display a list of all authorized group accounts. A sample session response is: The following groups are currently enrolled: administrator Group 1 Press key to continue 2. Press to return to the Security Setup Menu.
NetLinx Security with a Terminal Connection Main Security Menu The Main Security menu is described below: Main Security Menu Command 1) Set system security options for NetLinx Master Description This selection will bring up the Security Options Menu that allows you to change the security options for the NetLinx Master (refer to the Security Options Menu section on page 76 for details). These are "global" options that enable rights given to users and groups.
NetLinx Security with a Terminal Connection Main Security Menu (Cont.) Command Description 14) Reset Database If a user has been given "administrator rights", this additional menu option is displayed. This selection will reset the security database to its Default Security Configuration settings, erasing all users and groups that were added. This is a permanent change and you will be asked to verify this before the database is reset.
NetLinx Security with a Terminal Connection Help menu Type help at the prompt in the Telnet session to display the following help topics: Help Menu Options Command ----- Help ----- Description (Extended diag messages are OFF) : Device:Port:System. If omitted, assumes master. ? or Help Displays this list. DATE Displays the current date. DEVICE HOLDOFF ON|OFF Sets the master to holdoff devices (i.e.
NetLinx Security with a Terminal Connection Help Menu Options (Cont.) Command Description SET DNS Setup the DNS configuration of a device. SET ICSP PORT Sets the IP port listened to for ICSP connections. SET ICSP TCP TIMEOUT Sets the timeout period for ICSP and i!-WebControl TCP connections. SET IP Setup the IP configuration of a device. SET TELNET PORT Sets the IP port listened to for telnet connections. SET THRESHOLD Sets the master's internal message thresholds.
NetLinx Security with a Terminal Connection The password is case sensitive. The password must be entered with the exact combination of upper and lower letters as was assigned to them by the security administrator. The password must be at least 4 characters long and no more than 20 characters. Any combination of letters, numbers, or other characters may be used.
Programming Programming The NetLinx programming language allows numbers in the range 0-32,767. Device 0 refers to the Master Card; numbers greater than 32,767 are reserved for internal use only. The NetLinx programming language requires a Device:Port:System (D:P:S) syntax where Axcess expects only a device number. The NetLinx D:P:S triplet variable is expressed as: DEVICE:PORT:SYSTEM where: • Device: 16-bit integer representing the device number (0-32,767). 0 = the local Master.
Programming Program Port Commands (Cont.) Command SET DATE Description Prompts you to enter the new date for the Master Card. When the date is set on the Master Card, the new date will be reflected on all devices in the system that have clocks (i.e. touch panels). By the same token, if you set the date on any system device, the new date will be reflected on the system’s Master, and on all connected devices. This will not update clocks on devices connected to another Master (in Master-to-Master systems).
Programming Program Port Commands (Cont.) Command DISK FREE Description Displays the total bytes of free space available on the Master Card's compact Flash memory. Example: >DISK FREE The disk has 2441216 bytes of free space. GET IP Displays the Master Card's D:P:S, Host Name, Type (DHCP or Static), IP Address, Subnet Mask, Gateway IP, and MAC Address. Example: >GET IP [0:1:50] IP Settings for 0:1:50 HostName MLK_INSTRUCTOR Type DHCP IP Address 192.168.21.101 Subnet Mask 255.255.255.
Programming Program Port Commands (Cont.) Command PASS Description Sets up a pass through mode to a device. In pass through mode, any string received by the device is displayed on the screen, and anything typed is sent as a string to the device. The device can be on any system the Master you are connected to can reach. You can specify the device number, port, and system, or the name of the device that is defined in the DEFINE_DEVICE section of the program.
Programming Program Port Commands (Cont.) Command ROUTE MODE DIRECT|NORMAL Description Sets the Master-to-Master route mode: • Normal mode - allows a Master to communicate with any Master accessible via the routing tables (shown with the SHOW ROUTE command). This includes a directly-connected Master (route metric =1) and indirectly connected masters (route metric greater than 1, but less than 16). • Direct mode - allows communication only with masters that are directly connected (route metric = 1).
Programming Program Port Commands (Cont.) Command SET URL Description Prompts you to enter the URL address and port number of another Master or device (that will be added to the URL list). Then, enter Y (yes) to approve/store the new addresses in the Master Card. Entering N (no) cancels the operation. Example: >SET URL [0:1:0] No URLs in the URL connection list Type A and Enter to Add a URL or Enter to exit. -> a Enter URL -> 192.168.21.
Programming Program Port Commands (Cont.) Command SHOW LOG Description Displays the log of messages stored in the Master's memory. The Master logs all internal messages and keeps the most recent messages. The log contains:· • Entries starting with first specified or most recent • Date, Day, and Time message was logged • Which object originated the message • The text of the message SHOW LOG [start] [end] SHOW LOG ALL If start is not entered, the most recent message will be first.
Programming Program Port Commands (Cont.) Command SHOW REMOTE Description Displays a list of the devices this system requires input from and the types of information needed. If when a NetLinx Master connects to another NetLinx Master, the newly connecting system has a device that the local system desires input from; the new system is told what information is desired from what device.
Programming Program Port Commands (Cont.) Command Description Lists all active TCP/IP connections. TCP LIST Example: >TCP LIST The following TCP connections exist(ed): 1: IP=192.168.21.56:1042 Socket=0 (Dead) 2: IP=192.168.21.56:1420 Socket=0 (Dead) Displays the list of URL addresses programmed in the Master Card (or another system). URL LIST Example: >URL LIST The following URLs exist in the URL connection list ->Entry 0-192.168.13.65:1319 IP=192.168.13.65 State=Connected Entry 1-192.168.13.
Programming Notes on Specific Telnet/Terminal Clients Telnet and terminal clients will have different behaviors in some situations. This section states some of the known anomalies. Windows client programs Anomalies occur when using a windows client if you are not typing standard ASCII characters (i.e. using the keypad and the ALT key to enter decimal codes). Most programs will allow you to enter specific decimal codes by holding ALT and using keypad numbers.
Programming NXC-ME260 NetLinx Master-Ethernet Card/Module 99
ARGENTINA • AUSTRALIA • BELGIUM • BRAZIL • CANADA • CHINA • ENGLAND • FRANCE • GERMANY • GREECE • HONG KONG • INDIA • INDONESIA • ITALY • JAPAN LEBANON • MALAYSIA • MEXICO • NETHERLANDS • NEW ZEALAND • PHILIPPINES • PORTUGAL • RUSSIA • SINGAPORE • SPAIN • SWITZERLAND • THAILAND • TURKEY • USA ATLANTA • BOSTON • CHICAGO • CLEVELAND • DALLAS • DENVER • INDIANAPOLIS • LOS ANGELES • MINNEAPOLIS • PHILADELPHIA • PHOENIX • PORTLAND • SPOKANE • TAMPA 3000 RESEARCH DRIVE, RICHARDSON, TX 75082 USA • 800.222.
