SecureLinx Spider™ and SpiderDuo™ User Guide SecureLinx Spider (USB) SecureLinx SpiderDuo (PS/2) Part No. 900-495 Rev.
Copyright and Trademark © 2009 and 2010, Lantronix. All rights reserved. No part of the contents of this book may be transmitted or reproduced in any form or by any means without the written permission of Lantronix. Printed in the United States of America. Ethernet is a trademark of XEROX Corporation. UNIX is a registered trademark of The Open Group. Windows 95, Windows 98, Windows 2000, Windows XP are trademarks of Microsoft Corp. Netscape is a trademark of Netscape Communications Corporation.
Disclaimer and Revisions Operation of this equipment in a residential area is likely to cause interference, in which case the user, at his or her own expense, will be required to pay for to take whatever measures may be required to correct the interference. This equipment has been tested and found to comply with the limits for Class A digital device pursuant to Part 15 of the FCC Rules.
Table of Contents Copyright and Trademark ____________________________________________________ 2 LINUX GPL Compliance _____________________________________________________ 2 Warranty _________________________________________________________________ 2 Contacts _________________________________________________________________ 2 Disclaimer and Revisions ____________________________________________________ 3 Documentation Changes _____________________________________________________ 3 Revision History _________
Table of Contents Target Computer Setup _____________________________________________________ 38 Video Resolutions and Refresh Rates Configuration ___________________________ 38 Mouse-to-Cursor Synchronization __________________________________________ 39 Telnet/SSH Connections to Serial Ports _____________________________________ 39 Cable Connections for KVM and USB _______________________________________ 39 Power Sequencing _____________________________________________________ 40 Client Server Setup ____
Table of Contents Screenshot to Clipboard _________________________________________________ 51 Refresh Video _________________________________________________________ 51 Telnet/SSH_______________________________________________________________ 51 Set up and Enable ______________________________________________________ 51 Passthrough Use _______________________________________________________ 51 Telnet Console Use _____________________________________________________ 52 7: Interfaces 53 Network Settings
Table of Contents User and Group Management _____________________________________________ 74 User Management___________________________________________________ 74 Group Management _________________________________________________ 75 User Permissions __________________________________________________________ 75 Remote Authentication______________________________________________________ 76 LDAP ________________________________________________________________ 77 RADIUS ________________________________________
Table of Contents Connect Commands ______________________________________________________ 106 VIP Commands __________________________________________________________ 111 User Group Commands ____________________________________________________ 113 OEM Customization Commands _____________________________________________ 116 Power Commands ________________________________________________________ 117 Serial Port Commands _____________________________________________________ 117 WOL (Wake on LAN) Commands _____
List of Figures Figure 2-1 Spider System Configuration ___________________________________________ 17 Figure 2-2 Spider Cable Dimensions ______________________________________________ 17 Figure 2-3 SpiderDuo System Configuration ________________________________________ 20 Figure 2-4 SpiderDuo PS/2 Cable Dimensions ______________________________________ 21 Figure 2-5 SpiderDuo USB Cable Dimensions_______________________________________ 21 Figure 2-6 Spider Family Product Information Label ___________________
List of Figures Figure 7-38 User Interface Settings Page __________________________________________ 71 Figure 7-39 Configure VIP Page _________________________________________________ 72 Figure 7-40 Bootstrap Update Window ____________________________________________ 72 Figure 8-1 Change Password Page _______________________________________________73 Figure 8-2 Configure User Page__________________________________________________ 74 Figure 8-5 User Permissions Page__________________________________________
List of Tables Table 1-1 Chapter/Appendix and Summary _________________________________________ 13 Table 1-2 Conventions Used in This Book __________________________________________ 14 Table 2-1 SpiderTechnical Specifications __________________________________________ 18 Table 2-2 SpiderDuo Technical Specifications _______________________________________ 22 Table 3-2 Spider LEDs _________________________________________________________ 26 Table 4-3 SpiderDuo Indicator LEDs __________________________________
List of Tables Table 9-12 Event Log Targets ___________________________________________________ 85 Table 9-13 Event Log Assignments _______________________________________________86 Table 9-15 SNMP Settings ______________________________________________________ 87 Table 10-2 Device Status Settings ________________________________________________ 92 Table 10-4 Configuration Settings ________________________________________________ 94 Table 12-1 Action and Category ___________________________________________
1: About This Guide This guide describes how to install, configure, use, and update the SecureLinx Spider and SpiderDuo devices. It describes how to remotely and securely provide monitoring and control of one target computer system by one or more remote users. This chapter contains the following sections: Chapter and Appendix Summaries Conventions Additional Documentation Note: The information contained in this guide apply to the Spider and SpiderDuo unless otherwise noted.
1: About This Guide Table 1-1 Chapter/Appendix and Summary (continued) Chapter/Appendix Summary B: Virtual Media Example Gives examples of virtual media. C: Supported Resolutions and Refresh Rates Lists the resolutions and refresh rates that are supported. D: Mounting Bracket Kit Describes how to mount the Spider/SpiderDuo in a rack. E: PCU Safety Information Provides PCU safety information. F: Technical Support Lists technical support telephone and fax numbers.
2: Overview SecureLinx Spider and SpiderDuo are distributed Keyboard, Video, and Mouse-over-IP (KVM)over-IP devices designed to remotely and securely provide monitoring and control of one target computer system by one or more remote users. The remote user (client) accesses the Spider or SpiderDuo over a local or wide area network connection using a standard web browser. Spider and/or SpiderDuo is an evolution of the traditional remote KVM switch into a compact package.
2: Overview One model with cable length of 58” Secure, full BIOS-level control of remote servers over an IP network Space–saving “zero footprint” package attaches directly to the server that saves rack space Flexible 1–port design allows growth Guaranteed non-blocked access to remote servers that ensures lowest “cost-per-remote user” Browser–based, no client software or special licensing required Virtual Media support allows local drive (floppy, CD, hard drive, USB stick) sharing
2: Overview Figure 2-1 Spider System Configuration Figure 2-2 Spider Cable Dimensions SecureLinx Spider/SpiderDuo User Guide 17
2: Overview Technical Specifications Table 2-1 lists the components and general specifications.
2: Overview Table 2-1 SpiderTechnical Specifications (continued) Component Specification Weight 185g (6.6 oz) Shipping Weight .5 kg (1.
2: Overview Compresses the video and sends it over the network to a Java KVM console window launched by the browser or to a command line on the user system, which draws a replica of the server video output on the user monitor. Uses Java KVM console to accept keystrokes and mouse movements on the user system; recognize those intended for the target computer; transmit the keystrokes and mouse movements; and emulate a physically attached keyboard and mouse.
2: Overview Figure 2-4 SpiderDuo PS/2 Cable Dimensions Figure 2-5 shows the USB cable dimension. Figure 2-5 SpiderDuo USB Cable Dimensions Note: The PS/2 cables and USB cables cannot be mixed and matched with each other due to the unique properties of each. Use the cables that come with your SpiderDuo.
2: Overview Technical Specifications Table 2-2 lists the general components and the specifications.
2: Overview Table 2-2 SpiderDuo Technical Specifications (continued) Component Specification Weight USB: 269g (9.50 oz) PS/2: 278g (9.80 oz) 1.5 kg (3.3 lbs) Shipping Weight Product Information Label The Product Information Label on the back of the Spider family units contains the following information: Bar code Serial number Revision number Hardware address (also known as the Ethernet or MAC address) Manufacturing code Figure 2-6 shows the Product Information Label.
3: Installing the Spider This chapter describes how to install the Spider. It contains the following sections: Package Contents Installing the Spider Detector Installation and IP Address Reset Target Computer Setup Client Server Setup Network Environment Spider Power For technical specifications of the Spider, see 2: Overview.
3: Installing the Spider - Tie all of the Spider units in a rack together so that one network connection only is required. While this configuration is a “daisy” chain physically, logically each Spider has its own IP address on the network. Because the Spider data that comes from the end of the chain traverses all of the switches, latency increases and responsiveness degrades depending on the number of devices in the chain. Lantronix recommends a maximum of 16 Spider in a chain.
3: Installing the Spider 4. The Pwr2 LED illuminates blue and the SysOK LED flashes green to indicate that the Spider is booting. Bootup should complete within one minute. The SysOK LED stops flashing and remains illuminated. If you use the external power supply to boot, Pwr1 illuminates blue. lists the LED labels, colors, and actions. Table 3-2 Spider LEDs Label Color Action Pwr1 Blue Indicates adequate power from USB1 (external power supply first).
3: Installing the Spider Figure 3-5 Spider RJ45 Ethernet and Cascade Ports Detector Installation and IP Address Reset The initial IP address gets assigned during bootup of the Spider. To change it, use the Detector application. You can download Detector from Lantronix at http://www.lantronix.com/support/ downloads.html. Note: Lantronix recommends that you run Detector from its CD or copy it to your local hard drive and run it from there rather than from a shared network drive.
3: Installing the Spider 6. Click the Search icon shown in Figure 3-7. Figure 3-7 . A list of Lantronix Ethernet devices on the network displays as Detector Device List Window 7. Click to highlight the device that you want and click the Network Settings icon to change the IP address. The Enter Network Settings window displays the Device Type and MAC Address (Ethernet address) that identify the device as shown in Figure 3-8.
3: Installing the Spider 8. Enter an unique and valid IP Address on your network and in the same subnet as your PC. There is no default. 9. Enter the subnet mask that is the network segment connected to the Spider. To accept the default, leave blank. 10. Enter the default gateway that is the router IP address for your network. To accept the default, leave blank. 11. Click OK. A message confirms the network configuration. 12. Click OK. 13. Confirm the IP address change by clicking the Search icon .
3: Installing the Spider 2. Reboot is required. Notes: Background wallpaper and desktop appearances do not have any particular limitations. Microsoft Active Desktop and Linux virtual desktop are not supported. If bandwidth is a concern, plain backgrounds are preferred. If you are using a special video card or OS, consult the documentation.
3: Installing the Spider Cable Connections for KVM and USB Connections for KVM and USB are integrated into the Spider. Do not use extension cables. Plug the Spider directly into the ports on the host server. If using the Spider serial port, plug the cable into the COM port on the server. The second Cascade Ethernet port can connect to the Spider to the target computer management LAN port, or to a main LAN port, or to an Spider chain.
3: Installing the Spider When idle, minimal network traffic gets generated. Traffic bursts exceeding 10 Mpbs can occur if images change rapidly on the host server and image quality gets set to the maximum. Lantronix recommends using Fast Ethernet connections and a switched network environment because In a LAN, traffic affects the responsiveness of the Remote Console window. Spider Power The Spider consumes under 4 watts of power that it draws from the attached computer.
4: Installing the SpiderDuo This chapter describes how to install the SecureLinx SpiderDuo. It contains the following sections: Package Contents Installing the SpiderDuo Detector Installation and IP Address Reset Target Computer Setup Client Server Setup Network Environment PCU Power For technical specifications of the SpiderDuo, see 2: Overview.
4: Installing the SpiderDuo Optional Auxiliary DC Power Supply (Redundancy)—Overcomes the loss of power when the attached server goes down by using the auxiliary DC power supply connected to an independent AC power source. Ethernet Ports—Connects to the LAN. The SpiderDuo has one port only that connects to the LAN. Local KVM Port—Connects keyboard, video, and mouse to the local client. Perform the following steps to install the SpiderDuo and configure the initial network settings. 1.
4: Installing the SpiderDuo Table 4-3 SpiderDuo Indicator LEDs (continued) Label Color Action SysOK Blue On - Powered up and OK Blinking - Booting PCU Green On - Power Unit Connected , AC power is passed through 5. Upon bootup, the terminal window displays the IP Configuration screen. At the command prompt type config and press Enter. Figure 4-4 SpiderDuo Welcome Screen 6.
4: Installing the SpiderDuo Detector Installation and IP Address Reset The initial IP address gets assigned during bootup of the SpiderDuo. To change it, use the Detector application. You can download Detector from Lantronix at http://www.lantronix.com/ support/downloads.html. Note: Lantronix recommends that you run Detector from its CD or copy it to your local hard drive and run it from there rather than from a shared network drive. Otherwise you may get a security exception.
4: Installing the SpiderDuo Figure 4-7 Detector Device List Window 7. Click to highlight the device that you want and click the Network Settings icon to change the IP address. The Enter Network Settings window displays the Device Type and MAC Address (Ethernet address) that identify the device as shown in Figure 4-8. Figure 4-8 Network Settings Window 8. Enter an unique and valid IP Address on your network and in the same subnet as your PC. There is no default. 9.
4: Installing the SpiderDuo 10. Enter the default gateway that is the router IP address for your network. To accept the default, leave blank. 11. Click OK. A message confirms the network configuration. 12. Click OK. 13. Confirm the IP address change by clicking the Search icon . Find the device in this list and verify the IP address. You can access the device by using its new IP address.
4: Installing the SpiderDuo Microsoft Active Desktop and Linux virtual desktop are not supported. If bandwidth is a concern, plain backgrounds are preferred. Mouse-to-Cursor Synchronization Mouse-to-cursor synchronization can be an issue with digital KVM interfaces because PS/2 mice transmit incremental information about movement over a period of time rather than an absolute measurement.
4: Installing the SpiderDuo Table 4-9 Extended Length Cables PS/2 and USB connectors; 1500 mm, (59 in.) VGA cable 500-200-R Power Sequencing To ensure that the system (PC, local keyboard and mouse, and SpiderDuo) function properly at power up, it is recommended that the following procedure be performed. 1. Ensure that the PC and SpiderDuo are powered off. 2. Make connections for all devices. 3. Turn on the SpiderDuo first and wait for the SpiderDuo to boot up completely.
4: Installing the SpiderDuo PCU Power To remotely control power to a PC and other equipment, an optional PCU is available (part number PCU100-01). The PCU manages power remotely to a target PC and other equipment. In addition, the user can restart or power-cycle the PC and other equipment. shows the layout and dimensions of the PCU. Figure 4-10 PCU Layout and Dimensions Complete the following tasks to connect the PCU. 1. Connect the power output plug to a target PC or other equipment. 2.
4: Installing the SpiderDuo Warning: AC power passes through by default if the RJ45 cable is disconnected from the PCU. The SpiderDuo gets its power from an external DC supply. Replacement power supplies are available.
5: Web Browser Access This chapter describes how to use the SecureLinx Spider and SpiderDuo devices to access and manage a target computer by using a Web browser or remote system. It contains the following section: Accessing the KVM Console Accessing the KVM Console Perform the following steps to use a web browser. 1. Access the Spider or SpiderDuo over the network by using a web browser by entering https:// (for a secure SSL connection) or http:// (for an unsecure connection).
6: Remote System Control This chapter describes the components of remote system control. It contains the following sections: Overview Remote Console Window Basic Remote Console Operation Optimizing Video Keyboard Functions Other Remote Console Functions Telnet/SSH Overview The SecureLinx Spider and SpiderDuo control the target system by using a Remote Console. The Remote Console has settings that apply each time a user launches it.
6: Remote System Control Figure 6-1 Remote Console Window Components Main Viewport and Scroll Bars When first launched, the full virtual screen of the target computer is mapped pixel-for-pixel to the console window main viewport. As a result, if the target is running at a resolution less than that of the client, the entire screen is visible in the Remote Console window.
6: Remote System Control Sync Mouse, Single/Double Cursor—These icons appear when the PS/2 mouse interface is active. Options The drop-down menu provides access to a number of options and features. Information Bar - Connection The left side of the information bar indicates whether the connection is encrypted (Console (SSL)) or unencrypted (Console (Norm)). Information Bar - Resolution Displays the horizontal by vertical resolution of the target system’s video.
6: Remote System Control Basic Remote Console Operation When the Remote Console window is open, there are three key zones: Outside the Remote Console window, interaction is with the local computer’s operating system or applications. Inside the Remote Console window’s viewport, interaction is with the target computer. Inside the Remote Console window but outside the viewport, interaction is with the Remote Console control functions such as the toolbar or scroll bars.
6: Remote System Control Auto Video Adjustment The left side of the target computer screen must be aligned with the left side of the Remote Console viewport so that the tops align as well. If not, the local and remote cursors will always have a fixed offset of that amount, even if the USB interface is used. Clicking the Auto Video Adjustment one or more times typically cures any offset.
6: Remote System Control Selections made in the Local Cursor submenu are associated with the current user and will be saved for the next Remote Console session. Optimizing Video The Spider and SpiderDuo can automatically make adjustments to video settings including clock and phase, and encoding to ensure that a picture displays quickly. You can also manually specify the settings.
6: Remote System Control Scaling Target Video to Client Resolution In addition to the 1:1 pixel mapping mode, which is the default when the Remote Console window is first launched, scaling factors may be applied to the captured video in order to match various sizes of windows on the client. This scaling may be a fixed ratio or dynamically adjustable, as selected from the Options > Scaling selection.
6: Remote System Control Monitor Only When Options > Monitor Only is checked, the keyboard and mouse are disabled for this Remote Console window. The Monitor Only state is shown in the lower right corner of the Remote Console status bar. The user must have the appropriate permissions to change this setting. Exclusive Access When Options > Exclusive Access is checked, no other client may open a Remote Console window to this Spider. Any open Remote Console windows on other clients will be disconnected.
6: Remote System Control 3. The Spider will reply with a Welcome and status, followed by a command line prompt. Selections are: Help—Displays a list of commands Version—Displays the current Spider firmware version number Connect Serial—Enter passthrough to serial port mode Logout—Terminates the Telnet or SSH connection 4. Enter connect serial to open the connection to the serial port. 5. You are now connected and may interact with the attached serial console.
7: Interfaces This chapter describes the Interfaces tab including information about the pages for configuring network, serial port, KVM Console, Keyboard/Mouse, Video, and Virtual Media settings. It contains the following sections: Network Settings Serial Port Settings KVM Console Settings Keyboard/Mouse Video Virtual Media User Interface Settings Configure VIP Network Settings The first link on the Interfaces tab is Network Settings.
7: Interfaces Figure 7-1 Spider Network Settings Web Page 2. Modify the following fields. Network Basic Settings Table 7-2 Network Basic Settings Field Description IP auto configuration Select DHCP or BOOTP to fetch network settings from the appropriate type of server. Select NONE for a fixed IP address. Host name DHCP servers can register a name for this Spider to assist in finding it, or you can configure it with a short host name or a fully qualified domain name.
7: Interfaces Table 7-2 Network Basic Settings (continued) Field Description Secondary DNS Server IP Address (optional) Enter the IP address of the Domain Name Server to be used if the Primary DNS Server cannot be reached. LAN Interface Settings Table 7-3 LAN Interface Settings Field Description Current LAN interface parameters Displays current LAN interface settings. LAN interface speed Manual setup may be required for older equipment.
7: Interfaces Table 7-5 Miscellaneous Network Settings (continued) Field Description Proxy host Enter the proxy server's address. Proxy port Enter the proxy port number. 3. Do one of the following: a. Click Save to save settings. b. Click Reset to Defaults to restore system defaults. c. Click Reset to restore original settings. Serial Port Settings After using the serial port to set up the network parameters, you can use the serial port for something else.
7: Interfaces Table 7-7 Serial Port Settings (continued) Field Description Modem (Spider Only) Connect to the Spider with a dial-up or ISDN connection, using PPP. Essentially, the Spider acts as an ISP that you dial in to. The client system will need to be set up accordingly, for example using the Windows Network Connection Wizard. Change the following parameters as necessary: Passthrough Access to serial port 1 via Telnet/ SSH Serial Line Speed: Most modems support 115200 bps.
7: Interfaces The way in which the Spider transmits video data back to the client system can be tailored for the type of network connection. On a LAN where bandwidth is not an issue, compression is not required and the speed of updates can be maximized. For other connections, the optimum user interaction needs to trade off image quality and update speed to fit the size of the pipe.
7: Interfaces Transmission Encoding Table 7-10 Transmission Encoding Field Description Automatic Detection This option uses an algorithm to try to determine what sort of connection is being used, and sets up parameters to match. These settings may change from login to login depending on the state of the network at that point. Preconfigured Establishes a set of parameters optimized for each of a number of connection types.
7: Interfaces Table 7-13 Miscellaneous KVM Console Settings Field Description Start in Exclusive Access Mode Upon any subsequent launch of the Remote Console applet by the selected user, terminates any other users’ Remote Console windows and locks out any other users trying to access the Remote Console window. This may be changed from within the Remote Console window to allow shared access, if the user has appropriate permission.
7: Interfaces Figure 7-16 Keyboard/Mouse Settings 2. Modify the following fields. Keyboard/Mouse Settings Table 7-17 Keyboard/Mouse Settings Field Description Host Interface In general, the USB interface is preferred because it provides superior mouse tracking. The Host Interface drop-down provides three selections. In the default mode, Auto, the Spider attempts to determine whether the attached computer supports a USB keyboard/mouse. If it does, that interface gets activated.
7: Interfaces Table 7-17 Keyboard/Mouse Settings Field Description Force USB Full Speed Mode Some older systems do not support USB high-speed mode and may not recognize the keyboard/mouse. Enable this option for Spider to negotiate in USB full speed mode. Keyboard Model Table 7-18 Keyboard Model Field Description When operating in PS/2 interface mode, key codes from several layouts may be emulated. Generic 104-key PC for the traditional layout.
7: Interfaces Mouse Speed Table 7-22 Mouse Speed Field Description Mouse speed Select the method of assigning mouse speed. Auto mouse speed determines the speed and acceleration settings of the target system. It is the recommended setting for most applications. Fixed scaling translates a one-pixel motion on the client system to a selectable number of pixels moved on the target system.
7: Interfaces Figure 7-23 Keyboard/Mouse Settings Page B Video The Spider works by capturing and digitizing the analog video coming from the attached computer. This analog video may have more or less low-level electrical noise present, depending on the nature of the video card or embedded video controller. When viewed on a monitor, this noise (if random) is invisible as the display is being redrawn 60 to 100 times a second.
7: Interfaces Figure 7-24 Miscellaneous Video Settings Page 2. Select the Noise Filter level from the drop-down menu. 3. Do one of the following: a. Click Save to save settings. b. Click Reset to Defaults to restore system defaults. c. Click Reset to restore original settings. Virtual Media The Spider provides a powerful capability called Virtual Media (or Virtual Disk).
7: Interfaces Figure 7-25 Virtual Media Page To prepare for drive redirection, perform the following steps. 1. Enter the following fields. Virtual Media Active Image Table 7-26 Virtual Media Active Image Field Description Virtual Media Active Image Once you set Image on Windows Share or Floppy Image File (on this web page), information about the currently assigned (active) image displays.
7: Interfaces Virtual Media Options The operating system on the target computer must have a USB mass storage driver installed in order to use Virtual Media. As the BIOS on some systems does not always support mass storage emulation on the USB interface, the system default is to disable USB mass storage unless an image is loaded. This option may be unselected to use.
7: Interfaces b. To mount the image, click Set. Information about the image displays in the Virtual Media Active Image section of the page and the CD icon displays on the remote console. Figure 7-30 Virtual Media Active Page 3. If desired, in the Virtual Media Active Image section: a. Click Reactivate if the remote console does not recognize the image. b. Click Unset to remove the current image file. This option is available only when a user uploads a floppy image. c.
7: Interfaces b. Click Upload to load the image into Spider’s memory. This floppy drive is accessible to the remote computer as a letter-name floppy drive (e.g., B:). Information about the image displays in the Virtual Media Active Image section of the page. Figure 7-31 Virtual Media Active Image 3. If desired, in the Virtual Media Active Image section: a. Click Reactivate if the remote machine does not recognize the image. b. Click Download to save the image file. c.
7: Interfaces Figure 7-32 Drive Redirction Window Figure 7-33 Drive Redirect Buttons 3. Click the Connect Drive button at the top of the page. The Select a drive to redirect dialog box opens. Figure 7-34 Select Drive Redirect Window 4. From the drop-down list, select the drive you want to redirect. Note: To refresh the list after adding or removing a drive, click the Refresh List button. 5. If desired, select the Enable Write support check box. 6. Click OK.
7: Interfaces Figure 7-36 Local Drive Browser Window 8. Select the ISO image file to use as a local disk and press Open. Figure 7-37 Drive Redierection Established Window 9. ISO Drive Redirection established displays at top of screen. User Interface Settings The color of page tabs on the Spider can be changed. On the Interfaces page click UI. Select a style sheet from the drop-down list on the User Interface Settings page. Click Save.
7: Interfaces Configure VIP To configure VIP, perform the following steps. 1. Click Interfaces > VIP. The current VIP settings display. 2. Enter new settings as needed. 3. Click Save. Figure 7-39 Configure VIP Page Note: The Bootstrap Upload option allows for the upload of a bootstrap.xml file. You can also auto-load the file by clicking the Auto-Load from thumb drive button. To upload a new bootstrap file, perform the following steps. 1. Click Browse to find and select the file. 2. Click Upload. 3.
8: User Accounts This chapter describes user accounts including local and remote authentication, management, and user groups and how to configure each. It contains the following sections: Local vs. Remote Authentication Local User Management User Permissions Remote Authentication Local vs. Remote Authentication User names and groups may be administered on the Spider to allow varying levels of access and control to different classes of users.
8: User Accounts 3. Enter the new password under New Password and Confirm New Password. 4. Click Save to save your settings, or click Reset to restore original settings. User and Group Management You must be logged in under a user name that has permissions for User/Group Management to access this page. The Spider supports a maximum of 50 configured users. When defining a user, make sure the group to which the user will belong has already been created.
8: User Accounts Table 8-3 User Management Field Description Group Membership Select the user’s group from the drop-down menu. Enforce user to change password on next login Select checkbox to require the user to change the password upon initial login. 2. Do one of the following: a. Click Create to add the new user. b. Click Modify to change an existing user. c. Click Copy to create a new user based on the selected existing user. d. Click Delete to delete an existing user. e.
8: User Accounts Figure 8-5 User Permissions Page 2. From the drop-down menu, select Group to configure: 3. If you created a user belonging to a group, and you want to change permissions for the group, select Group. 4. If you created a user who does not belong to any group, then select User. 5. From the Direct KVM drop-down menu, do one of the following: a. Select Yes to enable the user or group to access the Remote Console only. After a user is authenticated, it launches the Java KVM console program. b.
8: User Accounts Figure 8-6 Authentication Page 2. Modify the following field. Table 8-7 Local Authentication Field Description Local Authentication When Local Authentication is selected, the Spider will authenticate against its internal database of users and passwords, as described in Local User Management. LDAP When you select LDAP Authentication, the Spider will communicate with a Microsoft Active Directory or generic LDAP server for user authentication.
8: User Accounts Table 8-8 LDAP (continued) Field Description User Search Sub-filter Select to restrict the search for users by adding an additional search filter to each query for a user. Bind Name The name for a non-anonymous bind to an LDAP server. This item has the same format as LDAP Base. One example is cn=administrator,cn=Users,dc=domain,dc=com. Bind Password and Confirm Password Password for a non-anonymous bind. This entry is optional. Acceptable characters are a-z, A-Z, and 0-9.
9: Services This chapter describes the Spider and SpiderDuo services. It contains the following sections: Date/Time Security Certificate Event Log SNMP KVM Search Power Management Date/Time The Spider contains an internal real time clock that maintains a basic date and time after being set. The clock, however, will reset if the unit loses power. If an accurate date and time are critical, the Spider supports synchronization with Network Time Protocol servers.
9: Services 2. Modify the following fields. Table 9-2 Date/Time Settings Field Description UTC Offset Time servers deliver time as Coordinated Universal Time (UTC, or Greenwich Mean Time). Select the appropriate offset in hours ± from the drop-down menu. User Specified Time Manually input the current date and time. The Spider keeps time as long as power is applied. It has an internal calendar, but does not know about daylight savings time and requires resetting twice a year.
9: Services Figure 9-3 Security Settings Page 2. Modify the following fields. HTTP Encryption Table 9-4 HTTP Encryption Field Description Force HTTPS for Web Access Typically, the Spider listens on both HTTP and HTTPS ports for incoming connections. If this box is checked, access can only be made using SSL, and connection requests on the HTTP port will be ignored. See the section on Certificate for further information on how the Spider identifies itself using a cryptographic certificate.
9: Services KVM Encryption Table 9-6 KVM Encryption Field Description KVM Encryption In addition to the SSL encryption of the Spider’s web pages, the keyboard, mouse, and video data may be encrypted. Select Off to use no encryption. Select Try for the Spider to attempt to make an encrypted connection but will back off to unencrypted if one cannot be established. Select Force for an encrypted connection to be made, or an error will be reported.
9: Services Authentication Limitation Table 9-8 Authentication Limitation Field Description Enable Screenshot Access without Authentication Select this option when you need to access the snapshot image without logging in to the Spider. If enabled, the screenshot can be read directly with http(s):///screenshot.jpg.
9: Services Figure 9-9 Certificate Signing Request Page 2. Modify the following fields. Table 9-10 SSL Server Certificate Management Field Description Common name The network name of the Spider once it is installed in the user’s network (usually the fully qualified domain name). It is identical to the name that is used to access the Spider with a web browser without the prefix http://.
9: Services Event Log The Event Log maintains a list of significant events locally. Alternatively it can use an NFS log file, SMTP email, or SNMP to distribute event information on the network. The Spider monitors five classes of events with the logging of each enabled or disabled. To configure event log settings, perform the following steps. 1. Click Services > Event Log. The Event Log page displays. Figure 9-11 Event Log Page 2.
9: Services Table 9-12 Event Log Targets Field Description SMTP Logging enabled With this option, the Spider is able to send emails to an address given by the email address. These emails contain the same description strings as the internal log file and the mail subject contains the event class. To use this log destination, specify an SMTP Server, the Receiver Email Address, and Sender Email Address. Enter the mail server and SMTP port as :.
9: Services Figure 9-14 SNMP Settings Page 2. Modify the following fields. Table 9-15 SNMP Settings Field Description Enable SNMP Agent Click the checkbox to enable the Spider SNMP agent, and enter the system location and the contact name for the system.
9: Services 3. Do one of the following: a. Click Save to save settings. b. Click Reset to Defaults to restore system defaults. c. Click Reset to restore original settings. KVM Search The KVM Search option enables you to view the properties of other Spiders on the network.
9: Services Figure 9-16 KVM Search Page Power Management The Power Management option enables you to manage the properties of the power system. It enables the monitoring of the Power Control Unit (PCU) that only applies to the SpiderDuo, and the sending of Wake-On-LAN (WOL) messages to a computer that has WOL enabled. To view the Power Management page, perform the following steps. 1. Click Services > Power Management. The Power Management page displays.
9: Services Figure 9-17 Power Management Page The Power Management web page contains two sections as displayed in Figure 9-17. The upper portion displays information about the SpiderDuo PCU. The PCU only applies to the SpiderDuo. The WOL applies to both the Spider and SpiderDuo devices. SpiderDuo Power Control Unit The SpiderDuo Power Control Unit section of the web page contains the power and PCU status. You can also enable or disable the PCU which requires a reboot.
9: Services If the second radio button is selected, the WOL message may be sent to any number of devices identified by a Device Name, IP Address (optional), or MAC address (entered into the respective text boxes). If no password is needed, this field should be left blank. WOL support is implemented on the motherboard of a computer and the network interface and is not dependent on the operating system running on the hardware, although the operating system can sometimes control the WOL behavior.
10: Maintenance This chapter describes various maintenance activities of an administrator. These include viewing status, backing up and restoring configuration files, updating firmware, viewing the event log, and resetting the unit. It contains the following sections: Device Status Configuration Update Firmware View Event Log Unit Reset iGoogle Gadgets Device Status The Device Status page contains a table with information about the Spider’s hardware and firmware.
10: Maintenance Table 10-2 Device Status Settings (continued) Field Description Connected Users Displays the user name and IP address of the active connection. It also displays whether the user is connected to the Remote Console, and if so, whether exclusive access mode is activated. System Identifier USB Status Displays the USB speed, keyboard, mouse, and mass storage status. Check the box to turn the ID indicator on and off. Each Spider has an orange LED that can be lit by remote control.
10: Maintenance 2. Edit the following fields. Table 10-4 Configuration Settings Field Description Configuration Backup To back up all settings to a file on the client system, click the Backup and save to your computer radio button. To save to a Spider, click the Backup and save to Spider radio button. Then, click Backup. Warning: Execution of the Backup and save to Spider option overwrites the backup file.
10: Maintenance Figure 10-5 Update Firmware Page 3. Click Browse. In the pop-up window, navigate and locate the firmware file. 4. Click Upload to copy the file into the Spider’s local memory. When uploaded correctly, the Firmware Upload window displays the version number of the new firmware. Click the Update button to replace the old with the new, or to cancel the operation, click the Discard button. Do not interrupt power to the Spider during the update process.
10: Maintenance Figure 10-6 Event Log Page 2. Navigate between logs by clicking Prev and Next. Unit Reset In general, the Spider requires a reset when implementing a firmware update. In the event of an abnormal operation, a number of subsystems may be reset without resetting the entire Spider. To reset the Spider, perform the following steps. 1. Log into the Spider as sysadmin. 2. Click Maintenance > Unit Reset. The following page displays.
10: Maintenance Figure 10-7 Unit Reset Page 3. Click the Reset button for Reset Keyboard/Mouse (PS/2), Reset USB, or Reset Video Engine to clear and reset the subsystem. Resetting subsystems does not terminate connected users. Note: Reset USB displays only on the SpiderDuo. 4. To perform a complete reset, click Reset Device. A prompt requesting confirmation displays. A complete reset closes all user connections and performs a full reboot.
10: Maintenance 3. Edit a file similar to the example below and save it with extension "xml." This example assumes the file is saved as spider1.xml. The sample code displays a snapshot and refreshes the image every minute. Also, clicking the snapshot opens the remote console program or spider web page, depending on your settings.
10: Maintenance Figure 10-8 iGoogle Gadget Page SecureLinx Spider/SpiderDuo User Guide 99
11: ManageLinx Integration and Configuration This chapter describes uploading the ManageLinx VIP Access Bootstrap XML configuration file that enables the VIP Access functionality on the Spider and Spider Duo. The Spider family VIP Access feature provides secure remote access to virtually any computer via Lantronix provision ManageLinx System. The Lantronix ManageLinx technology solves the access-through-firewall issue by using the existing network infrastructure to create a virtual device network (VDN).
11: ManageLinx Integration and Configuration Figure 11-1 Spider VIP Page 3. In the Bootstrap Upload section, click Browse. 4. Find the file to upload and click Upload. 5. At the Bootstrap Update window, click Update. Figure 11-2 Spider Bootstrap Update Screen 6. After the upload completes, enable the VIP Access feature by checking the Conduit Enabled box and clicking Save.
11: ManageLinx Integration and Configuration 2. Remove and insert the USB Thumb Drive directly into the SpiderDuo USB port (on the Spider Duo, not the cable). 3. Using a PC with a Web Browser, access and login to the SpiderDuo with a username that has VIP configuration permissions, such as sysadmin. 4. Click the Interfaces tab, then the VIP link (see Figure 11-3).
11: ManageLinx Integration and Configuration Accessing the Spider/SpiderDuo via its VIP Access tunnel requires HTTPS for connections. Non SSL Web connections (HTTP) are not supported. After the Conduit has been established, remote users can access the Spiders via a ManageLinx DSM defined VIP Route IP address that is on the remote user IP subnet (https://( VIP Route IP Address).
12: Command Reference This chapter lists and describes the command line interface (CLI) syntax and contains the following sections: Command Syntax Configuration Commands Connect Commands VIP Commands User Group Commands OEM Customization Commands Power Commands Serial Port Commands WOL (Wake on LAN) Commands USB Host Disk Commands Reboot Commands Diagnostic Commands Group Permissions Command Syntax Commands have the following format:
12: Command Reference Table 12-1 Action and Category (continued) Action Category admin config | reboot | version logout Terminates CLI session Command Help For general command help, type: help For more information about a specific command, type help followed by the command, for example: help set network OR type ? after the command: set network ? Tips Type enough characters to identify the action, category, or parameter name uniquely. For parameter values, type the entire value.
12: Command Reference Description Restores the Spider configuration and device database settings to factory defaults. Note: The unit reboots after this command. All current settings are lost. admin config show Syntax admin config show Parameters None Description Shows the current configuration. admin config save Syntax admin config save Parameters None Description Saves the current configuration. Note: Each time you use the admin config save command, the existing “config_save” file is overwritten.
12: Command Reference Description Connects the Spider to a device serial port. Note: To connect to a serial port, put the serial port in passthrough mode on the web interface. ESC exit Syntax ESC exit Description Available only when connected to a serial port. SSH Key Commands set sshkey delete Syntax set sshkey delete keyuser keyhost Description Deletes an imported SSH key.
12: Command Reference Parameters [keyuser ] [keyhost ] [viewkey ] Description Displays imported SSH keys.
12: Command Reference gateway hostname ipaddr ipv6 ipv6addr mask state Note: To clear IPV4 addresses, set ipv4 address to “0.0.0.0”.To clear IPV6 address, set ipv6 address to “::” or “::/128”.
12: Command Reference show network all Syntax show network all Description Displays all network settings. show network basic Syntax show network basic Description Displays basic network parameters. show network misc Syntax show network misc Description Displays network miscellaneous parameters. show network interface Syntax show network interface Description Displays network interfaces. show network all Syntax show network all Description Displays all network settings.
12: Command Reference Date/Time Command set datetime Syntax set datetime Parameters date utcoffset Notes: Note: MMDDYYhhmm[ss] can be: - MM is 1-12 - DD is 1-31 - YY is 00-99 - hh is 0-23 - mm is 0-59 - ss is 0-59 Offset string can be: - -11h, -10h, -9h, -8h, -7h, -6h, -5h, -4h, -3h, -2h, -1h - +/-0h, +1h, +2h, +3h, +4h, +5h, +6h, +7h, +8h, +9h, +10h, +11h, +12h Select only one offset as shown above.
12: Command Reference [tunnelportlist ] [configportlist ] [tunnelport] [configport] Examples To set a VIP tunnel port list to ports 22 and 30, enter the following CLI: set vip tunnelingportlist 22,30 Description Configures VIP parameters to connect to DSM. It is recommended that you import the settings from a bootstrap file created on the DSM.
12: Command Reference Description Sets user login, email address, group, and mobile phone number. set user delete Syntax set user delete Description Deletes a user login. set user password Syntax set user password Description Sets user password. show user name Syntax show user name [user ] Description Displays user names. show user Syntax show user [index ] Description Displays index numbers.
12: Command Reference set group delete Syntax set group delete Description Deletes user groups. show group name Syntax show group [name ] Description Displays group names. show group index Syntax show group [index ] Description Displays group indexes. Note: [Group of 'None (username)'] indicates that user was created without defining a group, and permissions will be assigned specifically to the user.
12: Command Reference Description Displays security parameters. Sysconfig Commands show sysconfig Syntax show sysconfig Description Displays a report of parameters with firmware version, serial number, basic network settings, security settings, user/group information, and basic system settings.
12: Command Reference show device all Syntax show device all Description Displays all devices. show device name Syntax show device name Description Displays device names.
12: Command Reference Power Commands set power Syntax set power Parameters [state ] Description Sets PCU parameters. show power Syntax show power Description Displays PCU status and settings. Serial Port Commands set serial mode Syntax set serial mode passthrough | config [] Parameters [baud <300-115200>] [databits <7|8>] [stopbits <1|2>] [parity ] [flowcontrol ] Description Set serial port parameters for each mode.
12: Command Reference WOL (Wake on LAN) Commands connect wakeonlan device Syntax connect wakeonlan device [Device Name] Description Sends a WOL packet to a specified device. connect wakeonlan macaddr Syntax connect wakeonlan macaddr [MAC Address] [password ] Note: MAC address must be in hex format: 'XX:XX:XX:XX:XX:XX' Description Sends a WOL packet to specified MAC address. USB Host Disk Commands Note: The following USB Host Disk commands are available for the SpiderDuo only.
12: Command Reference usbhost disk dump Syntax usbhost disk dump Description Dumps the first 256 lines or 1M bytes of the specified file content of a USB thumb drive. Reboot Commands admin reboot Syntax admin reboot Description Immediately terminates all connections and reboots the device. Diagnostic Commands diag ping Syntax diag ping | ping6 Description Verifies if the Spider/SpiderDuo can reach a host over the network.
12: Command Reference kt: KVM Settings(Type/Deployment) ks: Keyboard/Mouse Settings ld: LDAP Settings ns: Network Settings pc: Change Password po: Power Control sn: SNMP Settings sa: SSH/Telnet Access sm: SSL Certificate Management sl: Security/Log/Authentication ss: Serial Settings us: USB Settings um: User/Group Management vs: Video Settings va: Video Settings(Advanced) vu: Virtual Media UpLoad SecureLinx Spider/SpiderDuo User Guide 120
A: Troubleshooting No connection can be established to the Spider Check cabling. Are both USB cables or all of the USB and PS/2 cables plugged in? Are both Pwr LEDs lit? Is the Ethernet cable plugged in, and the Link light lit? Is there Activity? Have a look on your network. Verify your network configuration (IP address, router). Send a ping request to the Spider to find out whether the Spider is reachable via the network. Establish a direct connection between the Spider and the client.
A: Troubleshooting {permission java.lang.RuntimePermission "accessClassInPackage.sun.*"; to the java policy file of opera (e.g., /usr/share/opera/java/opera.policy). I forgot my password. How can I reset the Spider to factory defaults? Use the serial interface with a terminal emulator program set to 9600 or 115200, 8 bit characters, No parity, 1 Stop bit, and No flow control. Within 2 seconds of booting the Spider, press the Esc key a few times to get a =>prompt. Type defaults at the => prompt.
B: Virtual Media Example Goal In this example, the goal is to put a rescue CD (a CD used to boot a PC when the hard-disk corruption prevents OS boot) on PC#3 so that the rescue CD can be used by any Spiders on the network. Figure B - 1 Virtual Media In this example, PC#2 cannot boot from its hard disk, so the user wants to use the rescue CD to boot the PC. We assume PC#2 can boot from external USB device. Step 1 – Prepare the VM Server 1.
B: Virtual Media Example 3. Right-click the folder aaa and select the “sharing” menu. The default name is the folder name but changed to share_some_folder as shown in the diagram below. Figure B - 3 Firewall Properties Window Now, the file boot.iso can be used from a Spider. The file can be left there permanently, and when a PC/server crashes and cannot boot, the combination of this file and the Spider will be used to boot the PC/server.
B: Virtual Media Example 2. Go to the Virtual Media page and complete the fields in the Image on Windows Share section of the page as shown in the diagram below. Figure B - 4 Virtual Media Page 3. Click Set, and see that the Virtual Media Active Image section now contains data as shown in the diagram below.
B: Virtual Media Example Step 3 – Use the Virtual Media 1. PC#2 shown in the diagram below is a Linux PC. Figure B - 6 Linux PC Window 2. Once Step 1 is done, PC#2 will detect a new USB CD drive connected to its USB as shown in the diagram below. The CD is shown below as Fedora Core because that is the volume name of the rescue CD (boot.iso is the ISO image of this CD). Figure B - 7 Linux PC Window and USB CD 3. You should be able to boot from the external USB device (boot.iso) on PC#2.
C: Supported Resolutions and Refresh Rates Table C-1 lists the supported resolution and refresh rates for video.
D: Mounting Bracket Kit A versatile mounting bracket and screws are supplied to assist in easily installing and mounting a single Spider/SpiderDuo into a server rack in various orientations (e.g., horizontal or vertical). The kit number is 083-015-R. Figure D-1 Mounting Bracket and Screws The kit includes: One (1) 4.
: Figure D-3 Attaching the Device to the Mounting Bracket 3. Connect the cables and the Spider/SpiderDuo is ready to use! Figure D-4 Table D-5 Connecting the Cables Lantronix Part Number and Description Lantronix Part Number Description 083-015-R Mounting Bracket Kit for Spider The bracket kit is included in the box with the Spider/SpiderDuo that ship with v2.0 firmware and later. For earlier shipments, the mounting kit is sold separately.
E: PCU Safety Information Please follow the safety precautions described below when installing and operating the PCU. Cover Do not remove the cover of the PCU. There are no user-serviceable parts inside. Opening or removing the cover may expose you to dangerous voltage that could cause fire or electric shock. Refer all servicing to Lantronix. Power Plug When disconnecting the power cable from the socket, pull on the plug, not the cord.
F: Technical Support If you are unable to resolve an issue using the information in this documentation, contact the following resources. Technical Support US Check our online knowledge base or send a question to Technical Support at http://www.lantronix.com/support. Phone: (800) 422-7044 (949) 453-7198 Technical Support Europe, Middle East, Africa Phone: +33 1 39 30 41 72 Email: mailto:eu_techsupp@lantronix.com or mailto:eu_support@lantronix.
G: Compliance The following meet the ISO/IEC Guide 17050-1, 17050-2 and EN 45014 compliances. Manufacturer Name & Address Lantronix, Inc., 167 Technology, Irvine, CA 92618 USA Declares that the following product: Product Name: SecureLinx Spider Conforms to the following standards or other normative documents: UL/CUL (CSA-22.2 No. 60950-1-03 / UL-60950-1) CE - IEC 60950-1 C-Tick FCC Part 15, Equipment Class A VCCI V-3/2006.
G: Compliance RoHS Notice All Lantronix products in the following families are China RoHS-compliant and free of the following hazardous substances and elements: ² ² Lead (Pb) Cadmium (Cd) Product Family Name UDS1100 and 2100 EDS MSS100 IntelliBox XPress DR & XPress-DR+ SecureBox 1101 & 2101 WiBox UBox MatchPort SLC XPort WiPort SLB SLP SCS Spider DSC ² ² Mercury (Hg) Hexavalent Chromium (Cr (VI)) ² ² Toxic or hazardous Substances and Elements Lead Mercury Cadmium Hexavalent (Pb) (Hg) (Cd) Chromium (
