IOLAN STS24 - Server Perle - Free user manual and instructions

USER MANUAL IOLAN STS24 Perle

SDS/SCS/STS/MDC User's Guide

Version 4.8

Part #5500161-47 (Rev F)

June 2016

Copyright Statement

This document must not be reproduced in any way whatsoever, either printed or electronically, without the consent of:

Perle Systems Limited,

60 Renfrew Drive

Markham, ON

Canada

L3R 0E1

Perle reserves the right to make changes without further notice, to any products to improve reliability, function, or design.

Perle, the Perle logo, and IOLAN are trademarks of Perle Systems Limited.

Microsoft, Windows NT ^® /Windows 2000 ^® /Windows Vista ^® /Windows Server 2003 ^® /Windows 2003 R2 ^® /Windows 2008 ^® /Windows 2008 R2 ^® /Windows XP ^® /Windows 7 ^® /Windows 8 ^® /Windows 8.1 ^® /Windows Server 2012 ^® /Windows Server 2012 R2 ^® and Internet Explorer ^® are trademarks of Microsoft Corporation.

Netscape is a trademark of Netscape Communications Corporation.

Mozilla Firefox is a trademark of the Mozilla Foundation.

Solaris is a registered trademark of Sun Microsystems, Inc. in the USA and other countries.

Perle Systems Limited, 2005-2016.

FCC Note

The IOLAN Device Server has been found to comply with the limits for a Class A digital device, pursuant to Part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This equipment generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with the instructions in this Guide, may cause harmful interference to radio communications. Operation of this equipment in a residential area is likely to cause harmful interference, in which case the user will be required to correct the interference at his/her own expense.

EN 55022: 1998, Class A, Note

WARNING This is a Class A product. In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures.

Caution: the IOLAN Device Server is approved for commercial use only.

ATEX Directive Information: (ONLY APPLIES TO THE IOLAN SDS4 HL MODEL!)

In order to comply with the ATEX directive, the IOLAN SDS4 HL must be installed in an ATEX certified IP54 min. enclosure and the IOLAN SDS4 HL must be installed so that the unit's labelling is visible after installation.

ATEX labelling;

II 3G

Ex nA nL IIC T5

ETL09ATEX41125X

Perle Systems Limited

60 Renfrew Drive,

Markham, Ontario.

L3R 0E1

Canada

2009

WARNING The IOLAN Device Server SDS T models operate in an ambient air temperature above 70 °C. However, at 70 °C and above, a burn hazard exists if the metal case is touched without proper hand protection.

perle

IOLAN SDS4 W

Conforms to ANSI/UL 60950-1

Certified to CAN/CSA STD.C22.2 No 60950-1

This equipment complies with the requirements in Part 15

of the FCC Rules and EN55022 for a Class B computing device

FCC ID: Z64-WL18DBMOD

Serial Number:93-031815M10001

ETHERNET Address: 00:80:D4:1C:00:0E

WLAN Address: 00:80:D4:2C:00:0E

Wireless Password : 32216004

9-30VDC

- - ⊙ +

Max. Current input:

0.56A

Made in Canada

perle

IOLAN SDS1 W

Conforms to ANSI/UL 60950-1

Certified to CAN/CSA STD.C22.2 No 60950-1

This equipment complies with the requirements in Part 15

of the FCC Rules and EN55022 for a Class B computing device.

FCC ID: Z64-WL18DBMOD

Serial Number: 93-011815M10001

ETHERNET Address: 00:80:D4:1C:00:0C

WLAN Address: 00:80:D4:2C:00:0C

9-30VDC

- - (● - +

Max. Current Input:

0.45A

Wireless Password:10094882

Made in Canada

perle

IOLAN SDS2 W

Conforms to ANSI/UL 60950-1

Certified to CAN/CSA STD.C22.2 No 60950-1

This equipment complies with the requirements in Part 15

of the FCC Rules and EN55022 for a Class B computing device

ETHERNET Address:00:80:D4:1C:00:0D

WLAN Address:00:80:D4:2C:00:0D

9-30VDC

- - ⊙ +

Max. Current input:

0.50A

Wireless Password:21105993

Made in Canada

Table 0-1

Table of Contents

Preface ....25

About This Book 25

Intended Audience.... 25

Documentation 25

Typeface Conventions.... 26

Online Help 26

Chapter 1 Hardware and Connectivity .....27

Introduction...... 27

IOLAN Components....27

What's Included 27

What You Need to Supply....27

Available Accessories....28

Power Supply Specifications.... 28

Desktop Models (DS and SDS).... 28

Power Over Ethernet (PoE) Models 28

I/O Models 29

Rack Mount Models (except Electric Utility models) 29

DC Power Requirements 29

AC Power Requirements.... 29

Medical Unit Models....29

Electric Utility Models 29

Power Options.... 29

DC Power Requirements 30

AC Power Requirements.... 30

TELCO-NEBS Models....30

Getting to Know Your IOLAN 31

Overview....31

1-Port 33

2-Port 34

4-Port and 8-Port desktop models....35

I/O....36

Top View 36

End View of IOLAN I/O 36

1-port, 2-port and 4-Port Wireless desktop models .... 37

Top View (1 or 2 Port).... 37

Top View (4 port RJ-45) 38

End Views of IOLAN Wireless.... 38

Rack Mount 39

Console Port/LED View 39

Serial/Ethernet View.... 39

Medical Unit 40

Top View 40

Serial View 40

Power/Ethernet View 40

Electric Utility models....41

Front (LED/Console port)View 41

Back (Serial/Ethernet/power) View 41

Console/Serial Switch 42

Console Mode 42

Serial Mode 42

Dedicated Console Port 43

Connecting your IOLAN to the Network 43

Connecting the IOLAN to the Wi-Fi Network.... 43

Initial Setup - Soft-AP Method 43

Powering up your IOLAN 44

Desktop/Rack Mount Models (excluding Electric Utility models)..... 44

Medical Unit Models 44

Terminal Block Models 45

DC Power Models (excluding Electric Utility models) 46

Disconnecting 48V Power Supplies from the IOLAN 47

Electric Utility Models 47

Wiring 47

Wiring up an HV unit 48

Install Locations for LDC Models 51

Wiring up a the Fail-Safe Relay 51

About the IOLAN 53

IOLAN Family Models 53

Chapter 2 Introduction....53

IOLAN Features.... 54

Hardware 54

Software 56

Accessing the IOLAN 56

General Features 56

Advanced Features 56

Security 57

Chapter 3 Configuration Methods ....58

Introduction 58

Configuration Methods Overview.... 59

Configures an IP Address....59

Requires a Configured IP Address 59

Easy Config Wizard 60

DeviceManager....61

Overview....61

Access Platforms 61

Features....61

Connecting to the IOLAN Using DeviceManager 61

Using DeviceManager 63

Navigating the Options.... 63

Downloading the Configuration 64

WebManager.... 64

Overview....64

Access Platforms 64

Features......64

Connecting to the IOLAN Using WebManager 65

Using WebManager 66

Command Line Interface 67

Overview....67

Access Platforms 67

Features......67

Connecting to the IOLAN Using the CLI....67

Through the Network.... 67

Through the Serial Port 68

Using the CLI 68

Menu....68

Overview....68

Access Platforms 68

Features......68

Connecting to the IOLAN Using the Menu....68

Using the Menu....69

DHCP/BOOTP 70

Overview....70

Features....70

Connecting to the IOLAN Using DHCP/BOOTP....70

Using DHCP/BOOTP....70

DHCP/BOOTP Parameters....71

SNMP 72

Overview....72

Access Platforms 72

Features....72

Connecting to the IOLAN Using SNMP 72

Using the SNMP MIB 73

IOLAN+ Interface....74

Overview....74

Access Platforms 74

Connecting to the IOLAN to Use the IOLAN+ Interface 74

Using the IOLAN+ Interface....74

Changes to the IOLAN+ Interface 75

Chapter 4 Getting Started....79

Introduction 79

Easy Configuration Wizard 80

Setting Up the Network 81

Using DeviceManager 81

Using WebManager 82

Using a Direct Serial Connection to Specify an IP Address.... 82

Using a Direct Serial Connection to Enable BOOTP/DHCP 83

Using ARP-Ping 84

For an IPv6 Network 84

Setting Up the Serial Port(s) 85

Setting Up Users 87

Chapter 5 Using DeviceManager and WebManager......88

Introduction 88

Navigating DeviceManager/WebManager.... 89

DeviceManager 89

WebManager 90

EasyPort Web 90

Using DeviceManager to Connect to the IOLAN.... 91

Starting a New Session....91

Assigning a Temporary IP Address to a New IOLAN....92

Adding/Deleting IOLANs Manually 93

Logging in to the IOLAN 93

Using WebManager to Connect to the IOLAN.... 94

Logging into the IOLAN 94

Configuration Files 95

Creating a New IOLAN Configuration in DeviceManager 95

Importing an Existing Configuration File 95

Managing the IOLAN....95

Chapter 6 Network Settings .....96

Introduction....96

IPv4 Settings....96

Overview 96

Field Descriptions.... 96

IPv6 Settings....98

Overview 98

Field Descriptions.... 98

Adding/Editing a Custom IPv6 Address 99

Advanced 100

Overview 100

Field Descriptions.... 100

WLAN 103

Overview 103

Client Mode 103

Soft-AP Mode 103

Back to Back IOLANs....104

WLAN Global Settings 104

WLAN Profiles....106

Overview 106

Add/Edit/Delete 107

Security/ Encryption....108

Soft-AP Mode 109

Overview 109

Advanced.... 111

Host Table 111

Overview 111

Functionality.... 111

Field Descriptions.... 111

Adding/Editing a Host....111

IP Filtering....112

Overview 112

Functionality 112

Field Descriptions.... 112

Route List....113

Overview 113

Functionality 113

Field Descriptions.... 113

Adding/Editing Routes.... 114

DNS/WINS.... 115

Overview 115

Functionality 115

Field Descriptions.... 115

Editing/Adding DNS/WINS Servers.... 116

RIP....116

Overview 116

Functionality 116

Field Descriptions.... 117

Dynamic DNS 118

Overview 118

Functionality 118

Field Descriptions.... 118

Account Settings 119

Cipher Suite Field Descriptions.... 120

Adding/Editing a Cipher Suite 121

Validation Criteria Field Descriptions 122

IPv6 Tunnels 123

Overview 123

Field Descriptions.... 123

Adding/Editing an IPv6 Tunnel 125

Chapter 7 Configuring Users ....126

Introduction 126

User Settings.... 127

Overview....127

Functionality 127

Adding/Editing Users 128

General Tab.... 128

Overview 128

Functionality 128

Field Descriptions.... 128

Services Tab 130

Overview 130

Functionality 130

Field Descriptions.... 130

Advanced Tab 132

Overview 132

Field Descriptions.... 132

Sessions Tab 134

Overview 134

Functionality 134

Field Descriptions.... 134

Serial Port Access Tab.... 136

Overview 136

Field Descriptions.... 136

Introduction 137

Authentication.... 137

Chapter 8 Configuring Security ....137

Authentication 138

Local 139

Overview 139

Field Descriptions.... 139

RADIUS....140

Overview 140

General Field Descriptions.... 140

Attributes Field Descriptions 141

Kerberos.... 142

Field Descriptions.... 142

LDAP/Microsoft Active Directory 143

Overview 143

Field Descriptions.... 143

TACACS+ 145

Overview 145

Field Descriptions.... 145

SecurlD....146

Overview 146

Field Descriptions.... 146

NIS....147

Field Descriptions.... 147

SSH....148

Overview.... 148

Functionality 148

Users Logging into the IOLAN Using SSH 148

Users Passing Through the IOLAN Using SSH (Dir/Sil) 149

Field Descriptions 150

SSL/TLS 151

Overview....151

Functionality 151

Field Descriptions 152

Cipher Suite Field Descriptions.... 153

Adding/Editing a Cipher 154

Validation Criteria Field Descriptions 155

VPN....156

Overview....156

Functionality 157

IKE Phase 1 Proposals 157

ESP Phase 2 Proposals.... 157

IPsec 157

Field Descriptions.... 157

Adding/Editing the IPsec Tunnel 159

Shared Secret Field Description 161

Remote Validation Criteria Field Descriptions.... 162

L2TP/IPsec 163

Field Descriptions.... 163

Exceptions 164

Field Descriptions.... 165

Adding/Editing a VPN Exception 165

Advanced 166

Field Description 166

HTTP Tunneling 167

Functionality 167

Adding/Editing the HTTP Tunnel 167

Field Descriptions.... 167

Configuring HTTP Tunnel 168

Field Descriptions.... 168

Configuring HTTP Tunnel Proxy 169

Field Descriptions.... 169

Configuring HTTP Tunnel Proxy Advanced.... 170

Field Descriptions.... 170

Configuring HTTP Tunnel Destination 170

Field Descriptions.... 171

Services 173

Overview....173

Functionality 173

Field Descriptions 173

Keys and Certificates 175

Chapter 9 Configuring I/O Interfaces....177

Introduction.... 177

Technical Specifications 177

Settings.... 178

Overview....178

I/O Access Functionality....178

Field Descriptions.... 178

Advanced Slave Modbus Settings 179

Failsafe Timer Functionality....181

Overview 181

Field Descriptions.... 181

UDP Functionality....182

Overview 182

Field Descriptions.... 182

I/O UDP Settings.... 183

Temperature Functionality 184

Overview 184

Field Descriptions.... 184

Channels.... 185

Analog 185

Overview 185

Field Descriptions.... 186

Digital Input....187

Overview 187

Functionality.... 187

Field Descriptions.... 188

Digital Output....190

Overview 190

Functionality.... 190

Field Descriptions.... 191

Relay 193

Overview 193

Field Descriptions.... 194

Digital I/O Extension....195

Overview 195

Functionality 196

Field Descriptions.... 197

Adding/Editing Additional Hosts 199

Adding/Editing a Multihost Entry 199

Temperature....201

Field Descriptions.... 202

Alarm Settings 203

Basic Analog Alarm Settings.... 203

Advanced Analog Alarm Settings.... 204

I/O UDP 206

UDP Unicast Format....206

UDP Broadcast Packet 206

Analog Section.... 207

Digital/Relay Section.... 208

Serial Pin Signal Section 208

UDP Unicast Example 209

I/O Modbus Slave 209

Modbus Serial Application Connected to the Serial Port...... 209

Modbus Serial Application Connected to the Network.... 209

Modbus TCP Application 210

Modbus I/O Access 210

Function Codes 210

I/O Coil/Register Descriptions....211

Serial Port Coil/Register Descriptions.... 212

A4/T4 Registers 212

A4D2/A4R2 Registers.... 213

D4/D2R2 Registers 214

Serial Pin Signals 214

TruePort I/O 215

TruePort/Modbus Combination.... 215

API Over TruePort Only 216

Accessing I/O Data Via TruePort 217

Introduction......217

Setup....217

Format of API Commands 218

Get Commands 218

Command Format 218

Response Format.... 218

Set Commands 219

Command Format 219

Successful Response Format 220

Unsuccessful Response Format 220

Error Codes....221

I/O SNMP Traps 221

Chapter 10 Configuring the Option Card ......222

Introduction 222

Option Card Settings 222

Overview....222

Functionality 222

Configuring the IOLAN Modem Card 222

Configuring a Wireless (PCMCIA) WAN Card 223

Overview....223

Field Descriptions ...... 223

Configuring a USB Modem 225

Overview....225

Field Descriptions 225

Configuring a Fiber Optic Card 227

Overview....227

Field Descriptions ...... 227

Chapter 11 Configuring Clustering....228

Introduction 228

Clustering Slave List 228

Overview....228

Adding Clustering Slaves 229

Overview 229

Field Descriptions.... 229

Advanced Clustering Slave Options.... 230

Overview 230

Editing Clustering Slave Settings 230

Chapter 12 Configuring the System ......232

Introduction 232

Alerts 232

Email Alerts....232

Overview 232

Functionality 232

Field Descriptions.... 233

Syslog....235

Overview 235

Field Descriptions.... 235

Management 236

SNMP 236

Overview 236

SNMP Tab Field Descriptions 236

SNMP Traps Tab Field Descriptions.... 238

Time 240

Overview 240

Functionality 240

Network Time Tab Field Descriptions 240

Time Zone/Summer Time Tab Field Descriptions 242

Custom App/Plugin 243

Overview 243

Field Description 243

Advanced 244

Overview 244

Advanced Tab Field Descriptions 244

Bootup Files Tab Field Descriptions 245

Message of the Day (MOTD) Tab Field Descriptions 246

TFTP Tab Field Descriptions 247

SFTP Tab Field Descriptions 248

Console Port Tab Field Descriptions.... 249

Chapter 13 Control RPS, I/O Channels, IPsec, WLANs250

Introduction 250

RPS Control.... 250

Overview....250

Field Descriptions 250

Plug Control....251

Overview 251

Field Descriptions.... 251

Serial Port Power Control 253

Overview....253

Field Descriptions 253

Power Plug Status.... 253

I/O Channels 254

Overview....254

IPsec Tunnel Control 255

WLAN Control 256

Scan 256

Overview 256

Start WPS 257

Restart 257

Chapter 15 System Administration....258

Introduction 258

Managing Configuration Files 258

Saving Configuration Files 258

Downloading Configuration Files 259

Downloading Configuration Files to Multiple IOLANs.... 260

Uploading Configuration Files 261

Specifying a Custom Factory Default Configuration 261

Resetting the IOLAN to the Default Configuration 262

Downloading IOLAN Firmware 262

Calibrating I/O 262

Calibrating Analog Input....262

Calibrating Voltage 263

Calibrating Current 263

Calibrating Temperature Input 263

Calibrating Thermocouple 263

Calibrating RTD 263

Calibrating Analog Channels 264

Resetting Calibration Data....264

Setting the IOLAN's Date and Time.... 265

Rebooting the IOLAN 265

Resetting Serial Port Statistics.... 265

Resetting the IOLAN to Factory Defaults 265

Resetting the SecurID Node Secret.... 266

Language Support 266

Loading a Supplied Language 266

Translation Guidance....267

Software Upgrades and Language Files 267

Downloading Terminal Definitions.... 268

Creating Terminal Definition Files 268

Resetting Configuration Parameters 269

Lost admin Password.... 270

Chapter 16 Applications ......271

Introduction 271

Configuring Modbus 271

Overview....271

Configuring a Master Gateway.... 271

Configuring a Slave Gateway.... 271

Modbus Gateway Settings.... 272

Modbus Master Gateway 272

Modbus Slave Gateway 272

Modbus Serial Port Settings.... 273

Modbus Master Settings 273

Modbus Slave Settings 274

Configuring PPP Dial On Demand.... 275

Setting Up Printers 276

Remote Printing Using LPD....276

Remote Printing Using RCP 277

Remote Printing Using Host-Based Print Handling Software ...... 277

Configuring a Virtual Private Network 278

IOLAN-to-Host/Network 278

Network-to-Network 281

Host-to-Host....282

VPN Client-to-Network 284

Configuring HTTP Tunnels 285

Serial-to Serial 285

Serial-to Host 287

Host-to Host 289

Tunnel Relay 292

Appendix A RADIUS and TACACS+ ......296

Introduction 296

RADIUS 296

Supported RADIUS Parameters 296

Accounting Message.... 300

Mapped RADIUS Parameters to IOLAN Parameters 301

Perle RADIUS Dictionary Example.... 303

TACACS+ 305

Accessing the IOLAN Through a Serial Port Users 305

Accessing the IOLAN Through a Serial Port User Example Settings307

Accessing the IOLAN from the Network Users 308

Accessing the IOLAN from the Network User Example Settings .... 309

Appendix B SSL/TLS Ciphers ....310

Introduction 310

Valid SSL/TLS Ciphers 310

Appendix C Virtual Modem AT Commands ....313

Virtual Modem Initialization Commands.... 313

Appendix D Pinouts and Cabling Diagrams ......315

Serial Pinouts 315

DB25 Male 315

DB25 Female 316

RJ45....317

RJ45 (for desktop and rack mount models) 318

RJ45 (for SCS48C/SCS32C/SCS16C/SCS8C models).... 319

RJ45 (for SDS32C/SDS16C/SDS8C) 320

RJ45 (for medical unit models) 321

DB9 Male (Serial Only) 321

DB9 Male I/O....322

Power Over Ethernet Pinouts 322

EIA-232 Cabling Diagrams 323

Terminal DB25 Connector 323

DB25 Male 323

DB25 Female 323

RJ45.... 324

DB9 Male 325

Modem DB25 Connector.... 326

DB25 Male 326

RJ45 326

DB9 Male 327

Chapter E Configuring Serial Ports ....328

Introduction 328

Serial Ports 328

Overview.... 328

Functionality 328

Editing a Serial Port 329

Copying a Serial Port 330

Resetting a Serial Port 331

Serial Port Profiles.... 331

Common Tabs.... 331

Overview 331

Hardware Tab Field Descriptions.... 332

Email Alert Tab Field Descriptions 334

Packet Forwarding Tab Field Descriptions 335

SSL/TLS Settings Tab Field Descriptions 338

Cipher Suite Field Descriptions.... 339

Adding/Editing a Cipher Suite 340

Validation Criteria Field Descriptions 341

Console Management Profile 343

Overview 343

Functionality 343

General Tab Field Descriptions.... 343

Advanced Tab Field Descriptions 344

TruePort Profile 347

Overview 347

Functionality 347

General Tab Field Descriptions.... 347

Adding/Editing Additional TruePort Hosts 349

Adding/Editing a Multihost Entry 350

Advanced Tab Field Descriptions 350

TCP Sockets Profile 354

Overview 354

Functionality 354

General Tab Field Descriptions.... 354

Adding/Editing Additional Hosts 356

Adding/Editing a Multihost Entry 356

Advanced Tab Field Descriptions 357

UDP Sockets Profile 360

Overview 360

Functionality 360

General Tab Field Descriptions.... 363

Advanced Tab Field Descriptions 364

Terminal Profile 365

Overview 365

Functionality 365

General Tab Field Descriptions.... 365

Advanced Tab Field Descriptions 367

User Service Settings.... 369

Login Settings 369

Telnet Settings 369

Rlogin Settings 370

SSH Settings.... 371

SLIP Settings 373

PPP Settings 374

Printer Profile 380

Overview 380

General Tab Field Descriptions 380

Advanced Tab Field Descriptions 381

Serial Tunneling Profile 382

Overview 382

Functionality 382

General Tab Field Descriptions.... 383

Advanced Tab Field Descriptions 384

Virtual Modem Profile.... 385

Overview 385

Functionality 385

General Tab Field Descriptions.... 385

Advanced Tab Field Descriptions 387

Phone Number to Host Mapping 389

VModem Phone Number Entry 389

Control Signal I/O Profile 390

Overview 390

Functionality 390

General Tab Field Descriptions.... 390

Input Signal Field Descriptions.... 391

Output Signal Field Descriptions.... 392

Modbus Gateway Profile.... 393

Overview 393

Functionality 393

General Tab Field Descriptions.... 393

Advanced Field Descriptions.... 394

Modbus Slave IP Settings Field Descriptions 395

Adding/Editing Modbus Slave IP Settings.... 397

Modbus Slave Advanced Settings Field Descriptions.... 398

Power Management Profile.... 400

Overview 400

Functionality 400

General Tab Field Descriptions 400

Advanced Tab Field Descriptions 400

Editing Power Management Plug Settings Field Descriptions ..... 401

Monitoring Tab Field Descriptions.... 402

Remote Access (PPP) Profile 404

Overview 404

Functionality 404

General Tab Field Descriptions.... 405

Dynamic DNS Field Descriptions 406

Authentication Tab Field Descriptions.... 407

Advanced Tab Field Descriptions 410

Remote Access (SLIP) Profile 414

Overview 414

General Tab Field Descriptions 414

Advanced Tab Field Descriptions 415

Custom Application Profile 417

Overview 417

Functionality 417

General Tab Field Description 417

Advanced Tab Field Description 417

Port Buffering 419

Overview....419

Functionality 419

Local Port Buffering.... 419

Remote Port Buffers.... 420

Field Definitions.... 420

Advanced 422

Advanced Serial Settings Tab 422

Overview 422

Field Descriptions.... 422

Modems Tab....424

Overview 424

Functionality 424

Adding/Editing a Modem 424

TruePort Baud Rate Tab 425

Overview 425

Functionality 425

Field Definitions.... 425

Appendix F Setting Jumpers....426

Introduction 426

1-Port IOLAN DB25 Male/Female 426

1-Port IOLAN RJ45 427

1-Port IOLAN RJ45 P (Power Over Ethernet) 427

1-Port IOLAN DB9....428

2-Port IOLAN SDS1M (Modem)...... 428

2-Port IOLAN 429

2-Port IOLAN RJ45 P (Power Over Ethernet) 429

4-Port Desktop IOLAN 430

Digital I/O Module 431

Analog Input Module 431

Appendix G I/O Wiring Diagrams......433

Wiring I/O Diagrams...... 433

Digital I/O 433

Digital Input Wet Contact 433

Digital Input Dry Contact 433

Digital Output Sink 434

Digital Output Source 434

Analog Input 435

Current 435

Voltage 435

Temperature Input 436

Thermocouple 436

RTD 2-Wire 436

RTD 3-Wire 436

RTD 4-Wire 437

Relay Output 437

Normally Open Contact 437

Normally Closed Contact 437

Appendix H Utilities 438

Introduction 438

TruePort 438

API I/O Access Over TruePort 439

API Request Format 439

API Response Format 439

Error Codes 440

Decoder...... 440

Appendix I Accessories....441

Introduction 441

Installing a Perle PCI Card 441

Starter Kit (Adapters/Cable) 444

RJ45F to DB25M DTE Crossover Adapter.... 444

RJ45F to DB25M DCE Modem Adapter 445

RJ45F to DB25F DTE Crossover Adapter 446

RJ45F to DB9M DTE Crossover Adapter.... 447

RJ45F to DB9F DTE Crossover Adapter 448

Sun/Cisco RJ45M Connector Cable for Rack Mount Models 448

SCS48C/SCS32C/SCS16C/SCS8C Starter Kit.... 449

RJ45F to DB25M DTE Crossover Adapter.... 449

RJ45F to DB25M DCE Modem Adapter 450

RJ45F to DB25F DTE Crossover Adapter 451

RJ45F to DB9M DTE Crossover Adapter.... 452

RJ45F to DB9F DTE Crossover Adapter 453

Sun/Cisco Roll-Over Adapter for Rack Mount Models...... 453

Appendix J Troubleshooting....454

Introduction 454

Hardware Troubleshooting 454

Communication Issues...... 455

DeviceManager Problems 455

Host Problems.... 456

RADIUS Authentication Problems.... 456

Login Problems 457

Problems with Terminals 457

Unknown IP Address 458

DHCP/BOOTP Problems.... 458

Callback Problems 458

Language Problems.... 458

Modem Problems 459

PPP Problems 459

Printing Problems 459

Long Reboot Cycle 459

SSL/TLS 460

I/O Models 460

IPv6 Issues 461

Contacting Technical Support 462

Making a Technical Support Query 462

Who To Contact 462

Have Your Product Information Ready 462

Making a support query via the Perle web page 462

Repair Procedure....463

Feedback on this Manual....463

Appendix K Data Logging 464

Introduction 464

Trueport Profile 464

TCP Socket Profile 464

Appendix L Modbus Remapping ....465

Configuring the Modbus UID Translation Feature 465

Appendix M Symmetric Key File......467

Symmetric Key File.... 467

Appendix N Troubleshooting the USB Modem .....468

Modem not connecting to the network. 468

USB Modem Support and Custom Options...... 471

Downloading Custom USB Modem Configuration Files...... 471

Glossary 473

Index 475

Preface

About This Book

This guide provides the information you need to:

• configure the IOLAN
  • incorporate the IOLAN into your production environment

Intended Audience

This guide is for administrators who will be configuring the IOLAN.

Some prerequisite knowledge is needed to understand the concepts and examples in this guide:

• If you are using an external authentication application(s), working knowledge of the authentication application(s).
  • Knowledge of SFTP/TFTP, the transfer protocol the IOLAN uses.

Documentation

The following documentation is included on the IOLAN installation CD:

• IOLAN 1-Port Quick Start Guide
• IOLAN 2-4-Port Quick Start Guide
• IOLAN 1-2-4 Port SDS W Quick Start Guide
• IOLAN Rack Mount Quick Start Guide
• IOLAN I/O Quick Start Guide
• IOLAN Electric Utility Terminal Server Quick Start Guide
• IOLAN SDS/SCS/STS/MDC User's Guide
• IOLAN SDS/SCS/STS/MDC Command Line Reference Guide
• IOLAN MDC Hardware Installation Guide
• TruePort User's Guide
TruePort Installation and Configuration Guide for Windows NT®
- Link to knowledge base

• Online Help in the DeviceManager (automatically installed with the DeviceManager application)

Typeface Conventions

Most text is presented in the typeface used in this paragraph. Other typefaces are used to help you identify certain types of information. The other typefaces are:

Online Help

Online help is provided in the DeviceManager. You can click on the What's This button (✗ or ?) and then click on a field to get field-level help. Or, you can press the F1 key to get window-level help. You can also get the User's Guide online by selecting Help, Help Topics.

Hardware and Connectivity

Introduction

This chapter describes how to physically set up your IOLAN unit. It includes an overview of the IOLAN hardware components and how to power up the IOLAN to make sure it works correctly.

IOLAN Components

What's Included

The following components are included with your product:

• IOLAN unit
  • External power supply (desktop models only)

SDS P (Power Over Ethernet) models, I/O models, HL model and terminal block models do not have an external power supply.

• Quick Start Guide (all IOLAN models except medical unit models). Soft copy exists on the CDROM.
  A CD-ROM containing documentation, firmware, configuration software, TruePort, etc.
• All IOLAN models (except medical unit models) that have an RJ45 serial connector(s) come with an RJ45→DB9F adapter

Added components for rack mount models:

• 3' CAT5 RJ45 Administration cable
- Rack mounting kit
- (SCS models only) IOLAN Cable Starter Kit (see Appendix I, Accessories for pinout diagrams).

Added components for medical unit models:

• multi-function wall plate and associated mounting kit
• IOLAN MDC Hardware Installation Guide (a soft copy also exists on the CDROM)
  • IOLAN MDC & Philips DeviceLink II System Integration Guide

Added components for wireless models:

• 1/2 x RP-SMA Antennas
• Power cord strain relief strap
• Wall Mount brackets
Rubber feet

What You Need to Supply

Before you can begin, you need to have the following:

• A serial cable(s) to connect serial devices to your IOLAN unit
An Ethernet CAT5 10/100/1000BASE-T cable to connect the IOLAN unit to the network
- Connection to power (Only applies to DC, I/O, Terminal Block and Electric Utility models)

Available Accessories

The following accessories are available for purchase for the various IOLAN models (except medical unit models):

• DIN Rail Mounting Kit for the desktop models and Electric Utility models.
- IOLAN modem card for SCS rack mount models
- PCI adapter card for SCS rack mount models (for wireless WAN cards, modem cards and fiber LAN cards)
• 3 meter RJ45M-RJ45M 8-wire Sun/Cisco modular cable
• RJ45 to DB25 DTE Male adapter
• RJ45 to DB25 DCE Male adapter
• RJ45 to DB25 DTE Female adapter
• RJ45 to DB9 Male DTE adapter
• RJ45 to DB9 Female DTE adapter

Contact your distributor for details.

Power Supply Specifications

Desktop Models (DS and SDS)

If you are providing a power supply for a desktop IOLAN model, your power supply must meet the following requirements:

- DC barrel connector: The cable attached to the power supply should be about 20AWG. The barrel dimensions of the cable-plug are OD=5.5, ID=2.1, and length=9.5mm, with a straight barrel, and positive polarity on the inside and negative polarity on the outside. The voltage output should be between 9-30VDC and a minimum of 700 mA.

- Terminal Block connector: The cable attached to the power supply should be about 20AWG. See the Quick Start Guide for your model to determine the power requirements

Power can also be provided by:

• Serial Port 1, pin 1 on the DS/SDS1 models Serial Port 2, pin 1 on the SDS2 model
• Serial Port 4, pin 1 on the SDS4/SCS4 /SCS4 HL models
• Ethernet on the P series models (Power over Ethernet)

Note: Power over serial is not a feature on the SDS W models.

Explosion WARNING

SDS4 HL model ONLY.

Do not disconnect while circuit is live unless area is known to be non-hazardous.

Power Over Ethernet (PoE) Models

The 1-port/4-port SDS P models can be powered by either the external DC power supply (not included) or PoE or both. The 2-port SDS P does not accommodate an external power supply and can be powered only through PoE.

The IOLAN SDS P model is considered a Powered Device (PD) and can only accept power from an IEEE 802.3AF compliant Power Source Equipment (PSE) device. The IOLAN PoE can receive up to 13W of power using one of the following methods to connect to a PSE:

• Using the two unused twisted pair wires (10/100Mb only).
- Using the two data pairs or “phantom power” method (100Mb).

I/O Models

The power supply for a desktop IOLAN I/O model must meet the following requirement:

• Output between 9-30VDC and a minimum of 600mA current.
- 20 AWG wire.

The maximum load for the Relay channel is 1A @ 30VDC or 0.5A @ 120 VAC.

Rack Mount Models (except Electric Utility models)

DC Power Requirements

The IOLAN DC is supplied with an integral Terminal Connections block to facilitate connection to a DC source(s). The DC supply(s) should have adequate over-current protection within the closed rack system and comply with local or national standards applicable to the installation territory. You need wire gauge 20 to 22 AWG to connect the IOLAN rack mount unit to the power source.

Note: The equipment must be grounded for safety and to ensure ESD protection for correct operation and protection of the internal circuitry.

Note: WARNING Before servicing this product ensure the power source has been disconnected. For dual input or dual power supply models, ensure both sources have been disconnected.

AC Power Requirements

AC power rack mount units come with standard power cords, specific to your country, that should be used to power the IOLAN unit.

Note: WARNING Before servicing this product ensure the power source has been disconnected. For dual input or dual power supply models, ensure both sources have been disconnected.

Medical Unit Models

The MDC model comes with standard power cords, specific to your country, that should be used to power the IOLAN unit.

Electric Utility Models

Power Options

The Electrical Utility series of IOLAN units can be purchased with three different power source options;

HV - Single High Voltage power input with nominal AC range of 100V-240V (50-60Hz) or nominal DC range of 125V-250V.

DHV - Dual redundant High Voltage power inputs with nominal AC range of 100V-240V (50-60Hz) or nominal DC range of 125V-250V. Either power source can be used to supply

power to the unit. When both power inputs are live, the unit operates in a load sharing fashion. Note that the power input pairs are electrically isolated from each other. This means that when using both power inputs either input can be in either the AC or DC range.

LDC - Dual, low voltage DC power inputs with nominal range of 24V-60V. The power supply can be fed by either source1 or source 2 or both. When both power inputs are live, the unit selects the input with the highest voltage. The other input is not used unless it becomes the highest voltage at some point, in which case the unit will switch to it. No power loss will occur during a switch over.

DC Power Requirements

HV and DHV models:

The IOLAN can be powered via a DC source. The following are the ranges for the DC voltage supported by the unit;

Minimum: 88 VDC Nominal: 125-250 VDC Maximum: 300 VDC

The DC supply(s) should have adequate over-current protection within the closed rack system and comply with local or national standards applicable to the installation territory.

You need wire gauge 14 to 18AWG to connect the IOLAN rack mount unit to the power source.

LDC models:

The IOLAN can be powered via a DC source. The following are the ranges for the DC voltage supported by the unit;

Minimum: 18 VDC Nominal: 24-60 VDC Maximum: 72 VDC

You need wire gauge 12 to 18AWG to connect the IOLAN rack mount unit to the power source.

The equipment must be grounded for safety and to ensure ESD protection for correct operation and protection of the internal circuitry.

AC Power Requirements

HV and DHV models;

The IOLAN can be powered via an AC source. The following are the ranges for the AC voltage supported by the unit.

Minimum: 85 VAC Nominal: 100-240 VAC Maximum: 265 VAC

You need wire gauge 14 to 18AWG to connect the IOLAN rack mount unit to the power source.

TELCO-NEBS Models

LDC models:

The IOLAN can be powered via a DC source. The following are the ranges for the DC voltage supported by the unit;

Minimum: 18 VDC Nominal: 24-60 VDC Maximum: 72 VDC

The Battery Return input terminals of the IOLAN can support either Isolated DC return (DC-I) or Common DC return (DC-C).

You need wire gauge 12 to 18AWG to connect the IOLAN rack mount unit to the power source.

Note: The equipment must be grounded for safety and to ensure ESD protection for correct operation and protection of the internal circuitry.

Getting to Know Your IOLAN

This section describes the hardware components found on your IOLAN unit.

Overview

All IOLANs have the same basic hardware components to allow you to connect to serial devices, connect to the network, monitor LAN and serial activity, and manage the unit. Below is a list of these components:

• Serial Port(s)—Connector(s) that will be used to connect to a serial device.
• Activity—This LED blinks to indicate LAN activity. (For medical unit models, the LED is indicated by the ➕ symbol.)
• Link10/100—This LED indicates the Ethernet connection speed for desktop models only:

- Green—10 Mbits
- A m b e r —100 Mbits
- O f f —no LAN connection 

(Rack Models) Link10/100/1000—This LED indicates the Ethernet connection speed for rack mount

- Green—10/100 Mbits
- A m b e r —1000 Mbits
- O f f —no LAN connection 

- (W Models) Link10/100/1000—This LED indicates the Ethernet connection speed for wireless models

- Green—1000 Mbits
- Green/Amber—100 Mbits
- A m b e r —10 Mbits
- O f f —no LAN connection 

- Power/Ready —This LED can cycle through several colors (amber, green, red) during a boot process, but should complete with a solid green light. The label of the LED, and whether or not the LED blinks green after power depends on the IOLAN, as shown in the table below. You can learn more about the Power/Ready LED in Hardware Troubleshooting.

IOLAN Model LED Label Green light Red light

- External Power Supply—For all IOLAN models, this can be an external AC power supply, DC terminal, or power cord, depending on the model.

- Console/Serial Switch—Found on desktop models only (rack mount models have a dedicated console port), this switch determines whether port 1 functions as a serial port or a console port. If you have an extended temperature or I/O model, you will see two console switches. Console/Serial Switch 1 is used to determine the console/serial setting for Port 1 and the Console/Serial Switch 2 is not used.

- Reset—The inset RESET button will reboot all IOLAN desktop and rack mount models if pushed in and released quickly. It will reset the IOLAN to factory defaults if pushed in and held for more than three seconds. (The RESET button is not available on medical unit models.) You can learn more about the Reset button in Resetting the IOLAN to the Default Configuration.

- WPS (Wi-Fi Protected Setup)—The inset WPS button will enable WPS mode if pushed in and held for less than 3 seconds. WPS mode will be active for 120 seconds, if an association is established, WPS mode will be turned off. The inset WPS button will enable WPS mode with Soft-AP (Access Point) mode enabled if pushed in and held for more than 4 seconds.

WLAN— A wireless connection has been established.

- Signal— Wireless signal strength from (left) amber LEDS to (right) green LEDs with green being the strongest signal strength. The LEDs are progressive. (example if LED 3 is On, then LEDs 1 and 2 will also be On. See chart below.

- Serial Activity—All IOLAN models (except medical unit models) have an LED that blinks for serial activity.

Tx—Blinks with transmit serial activity. There is a Tx LED for each serial port.

Rx—Blinks with receive serial activity. There is an Rx LED for each serial port.

- Ethernet—The Ethernet connector. SCS and SDS8/16/32C models have dual Ethernet.

1-Port

This section describes the components found on the IOLAN 1-port models.

The 1-port IOLAN has one serial connection that is one of the following connectors: DB25 male, DB25 female, RJ45, or DB9 male.

2-Port

This section describes the components found on the IOLAN 2-port models.

The 2-port IOLAN has two RJ45 serial connections. The 2-port IOLAN can support an 8-pin connector if there is no requirement for power in (pin 1) or power out (pin 10) pins. The 2-Port P model (Power over Ethernet) does not come with an external power supply connector.

4-Port and 8-Port desktop models

This section describes the components found on the IOLAN 4-port models.

The 4-port IOLAN model has four RJ45 serial connections. The STS8-D IOLAN model has eight RJ45 serial connections.

I/O

This sections describes the basic components found on the IOLAN I/O models.

Top View

The following image shows a typical IOLAN I/O model. Your I/O model may have I/O connectors in slightly different positions.

End View of IOLAN I/O

The IOLAN I/O model shown is an A4D2. Different IOLAN I/O models have different I/O connector configurations.

1-port, 2-port and 4-Port Wireless desktop models

This sections describes the components found on the IOLAN wireless models.

Top View (1 or 2 Port)

The following image shows an IOLAN one or two port wireless model.

Top View (4 port RJ-45)

The following image shows an IOLAN Wireless model.

End Views of IOLAN Wireless

The 4-port IOLAN wireless has four RJ-45 serial connections. The 1-port and 2-port wireless IOLAN have either one or two DB9M connectors depending on the model.

Rack Mount

This section describes the basic components of all rack mount IOLAN models. This example uses the IOLAN SCS with dual Ethernet and dual AC power.

Console Port/LED View

Serial/Ethernet View

Medical Unit

This section describes the basic components found on the IOLAN medical unit models.

Top View

Serial View

Power/Ethernet View

Electric Utility models

This section describes the basic components of the Electric Utility models. This example uses the SDS32C DHV model.

Front (LED/Console port)View

Back (Serial/Ethernet/power) View

Console/Serial Switch

Located at the back of the desktop IOLAN models is a switch that controls whether serial port 1 is in Console or Serial mode.

The SDS T (Extended Temperature) models have two switches, Switch 1 is used for Console/Serial mode and Switch 2 is unused.

Look at your model to verify the direction of the ON switch position. ON indicates that serial port 1 is in Console mode; otherwise serial port 1 is in Serial mode.

Console Mode

Console mode is used when you have a direct connection between a serial device (like a terminal or a PC) and the IOLAN, accessed by the admin user to configure/manage the IOLAN. Console mode automatically sets serial port settings as:

• Serial Interface to EIA-232
• Speed to 9600
  • Flow Control to No
• Bits to 8
• Stop Bits to 1
  Parity to None

Console mode also displays extra system messages.

Serial port 1 will ignore any Serial Port settings when in Console mode, so you need to turn Console mode off to use serial port 1 in your network.

When the console switch is in the on position, the Power/Ready LED will blink green.

Serial Mode

Serial mode is used when the IOLAN acts as a communications server, or anytime you are not connecting directly to the IOLAN to configure it. You can connect directly to the IOLAN in Serial mode, but the IOLAN will not display all the messages/information you will get in Console mode.

Dedicated Console Port

The rack mount IOLAN models have a dedicated Console port, located on the LED side of the IOLAN. You can use the supplied Administration cable (with the supplied RJ45→DB9F adapter if needed) to connect a terminal to the Console/Admin port to view diagnostic information and/or configure the IOLAN using the Menu or Command Line Interface (CLI). You can configure the baud rate and flow control of the dedicated Console port.

Connecting your IOLAN to the Network

To connect the IOLAN to the network, use a straight-through two-pair Category 5 unshielded twisted-pair (UTP) cable, or four-pair for Gigabit connections. Connect the RJ-45 Ethernet port on the IOLAN to a switch, hub, repeater, server or other network device.

To comply with the Telcordia GR-1089 NEBS standard, connect Ethernet interfaces only to intra-building or unexposed wiring or cabling. The intra-building cable must be shielded and the shield must be grounded at both ends.

Alternatively, if shielded cabling is not used, the Ethernet wiring (cabling) must directly connect to equipment within the same frame, cabinet or line-up and the equipment must be separated by a distance of 6 meters or less.

WARNING

The intra-building port(s) of the equipment or subassembly is suitable for connection to intra-building or unexposed wiring or cabling only. The intra-building port(s) of the equipment or subassembly MUST NOT be metallically connected to interfaces that connect to the OSP or its wiring. These interfaces are designed for use as intra-building interfaces only (Type 2 or Type 4 ports as described in GR-1089-CORE, Issue 4) and require isolation from the exposed OSP cabling. The addition of Primary Protectors is not sufficient protection in order to connect these interfaces metallically to OSP wiring.

Connecting the IOLAN to the Wi-Fi Network

The following steps allow for each connection to the IOLAN for initial configuration.

Initial Setup - Soft-AP Method

1. The IOLAN must be powered up.

2. Press the inset WPS button (using a paper clip) for 4 seconds to enable Soft-AP mode. The Signal strength LED display should show a pulsing green LED on the third light from the left to right to confirm you are in Soft-AP mode (See IOLAN Top Views).

3. The IOLAN is listed on your network connections on your PC or wireless client. It will appear as SSID: IOLAN-xxxxxx (the last 6 digits of the IOLAN wireless MAC address - found on the product label).

4. If using the password entry method: Select the wireless network on the PC, when a password is requested enter the password printed on the product label

5. If using the WPS method: press and release the WPS button on the IOLAN select the wireless network on the PC select the WPS option on the PC's password dialog box

6. Should a dialog box appear on your PC's screen to connect to the network, press the continue/Ok button to complete the connection to the IOLAN.

7. Use a Web browser to connect to the default address of the IOLAN at (192.168.0.1).

The default userid is admin and the default password is superuser (case sensitive).

You can now configure and manage your IOLAN using the IOLAN WebManager application.

Note: You should change the admin password to restrict unauthorized access to your IOLAN.

For additional methods of configuring your IOLAN (i.e., HTTP, Telnet, SNMP), please refer to the IOLAN User's Guide.

Powering up your IOLAN

Desktop/Rack Mount Models (excluding Electric Utility models)

To power up the desktop or rack mount IOLAN, perform the following steps:

1. Rack mount models only: Using the rack mount brackets included with your IOLAN, you can rack mount the IOLAN from the front or the back of the chassis, depending on your environment. Make sure you don't block the IOLAN's side air vents. Each IOLAN is 1U in height, and does not require any extra space between units; therefore, you can rack mount up to five IOLANs in a 5U rack.
2. Plug the external power supply into the IOLAN and then into the electrical outlet. Connect it to the PSE if you have a P series (Power over Ethernet) model.
3. Rack mount models only: Power on the IOLAN unit using the Power ON/OFF switch.
4. You will see the LEDs blink for several seconds and then remain a solid green, indicating that it is ready to configure/use.

Before you start to configure the IOLAN, you should set the desktop IOLAN jumpers if you want to terminate the line or use the power in pin feature (instead of an external power supply, if your desktop IOLAN model supports it).

In some circumstances, the setting of jumpers may be required:

• IOLAN DS and SDS models where EIA-422/485 line termination is required.
• IOLAN I/O models with Digital I/O for setting the channels as input or output.
• IOLAN I/O models with Analog I/O for setting Voltage/Current.

See Appendix F, Setting Jumpers to see how to set the jumpers for your IOLAN desktop model.

Medical Unit Models

To power up the medical unit IOLAN, perform the following steps:

1. You can attach the multi-function wall plate included with your medical unit IOLAN to the wall, then mount the IOLAN on the wall plate. Alternatively, you can mount the IOLAN on a tabletop or any suitable horizontal surface. See the IOLAN MDC Hardware Installation Guide for more information on how to mount the medical unit IOLAN.
2. Plug a power cable into the left side (power/Ethernet panel) of the IOLAN unit and then into the electrical outlet.
3. Power on the IOLAN unit using the Power ON/OFF switch.
4. You will see the LEDs blink for several seconds and then remain a solid green, indicating that it is ready to configure/use.

Terminal Block Models

Perform the following steps to power up the unit:

1. Ensure power is NOT applied to the wires prior to connection.

2. On each end wire, remove the insulation from the copper wire 5 mm (3/16 of an inch).

For I/O models the Terminal Block is pluggable.

1. Loosen the left screw on the top of the terminal connector block, then insert your positive (+) wire into the left terminal and screw it down tight. Loosen the right screw on the top of the terminal connector block, then insert your negative (-) wire into the right terminal and screw it down tight.

1. Plug the power supply into the electrical outlet.

2. A solid green LED indicates the unit is powered up.

For I/O models, you should set the IOLAN jumpers for Digital I/O (see Digital I/O Module) or Analog Input (Analog Input Module) channels.

DC Power Models (excluding Electric Utility models)

To power up the IOLAN with DC power requirements, perform the following steps:

1. Verify that the power switch on the IOLAN unit and the power source is in the Off position.

2. Connect the primary and secondary DC input using the following specifications:

a. Use wire gauge 12 to 22 AWG.

b. Strip insulation 7mm from wire ends. (If using stranded wire, twist all strands together to ensure all wire strands are used for the connection.)

c. Connect supply with reference to the terminal block diagram and electrical specifications:

When connecting only a single power supply source, ensure the connection is the primary supply and the secondary terminals are left unconnected.

Primary Supply:

Positive (+) wire to Circuit 1, terminal marked +

Negative (-) wire to Circuit 1, terminal marked -

Secondary (back-up) Supply:

Positive (+) wire to Circuit 2, terminal marked +

Negative (-) wire to Circuit 2, terminal marked -

Note: When connecting dual power supply sources, the IOLAN supports a common positive (+) circuit arrangement ONLY.

Earthing Wire:

Ground wire to terminal marked with circular earthing symbol.

Screws:

Tighten terminal connector block screws to 4.5 lbs-inches (0.51Nm) torque.

1. Switch On the power supplies.

2. Switch On the IOLAN. (The power LEDS 1 and 2 will indicate the status of the power source at the respective input. If both the primary and secondary power source are available, both LED 1 and LED 2 will be luminated indicated power detected from each input.)

Disconnecting 48V Power Supplies from the IOLAN

To disconnect the power supply(s) from the IOLAN, do the following:

1. Switch off the IOLAN.
2. Switch off the power source(s).
3. Disconnect all DC power input cables from the IOLAN terminal connector block.
4. Remove any attached devices to the serial or Ethernet port(s).

Your IOLAN is ready to be moved.

Electric Utility Models

To power up the IOLAN, Electric Utility models, perform the following steps:

1. Ensure that the power supply side of the connection is been powered down before attempting to connect the wires on the IOLAN side.
2. Connect the power as outlined in the "wiring" section below which matches your model.
3. Enable power to unit. Unit should now power up. Selecting Install Locations for LDC Models

Wiring

Safety warnings for ALL Electric Utility models

The Electric Utility series of IOLAN units do not have a power switch, and an appropriately rated circuit breaker must be installed externally to the unit. If two power sources are used, each source must have a circuit breaker. As a safety precaution you should not rely upon the unit's front panel LEDs as a power indicator.

Safety warnings for HV and DHV models.

Note:

WARNING

This unit should be installed in a restricted access location where access can only be gained by service personnel or users who have been instructed about the reasons for the restrictions applied to the location and about any precautions that shall be taken; and access is through the use of a tool or lock and key, or other means of security, and is controlled by the authority responsible for the location.

All equipment must be installed according to the applicable country wiring codes.

Grounding of HV and DHV models

The Electric Utility series of IOLAN units have a chassis ground screw. This connection must be connected to "Equipment Ground" for DC installations or "Safety Ground" for AC installations. A second "earth ground" connection is provided for secondary grounding. This should only be used in conjunction with the grounding screw provided on the terminal connector.

Note:

For your safety, before attempting to connect or modify any of the electrical connections to the unit, please be sure all wiring is disconnected from any live power source. Power should only be applied when you are sure that the wiring is correct and any safety covers are properly installed.

Wiring up an HV unit

NOTES:

1. For terminal# 1 through 6, the use of ring terminals size #6 (M3.5) is recommended using stranded wire size AWG 18-14. Tighten all screws to a torque of 12 Lb-in (1.36 Nm).
2. For terminal# E, the use of ring terminal size #8 (M4) is recommended using stranded wire size AWG 18-14. Tighten screw to a torque of 12 Lb-in (1.36 Nm).
3. Use the "Chassis Ground" terminal connection for grounding the unit. "Earth Ground" should be used as secondary grounding source only.
4. Be sure to replace the clear plastic electrical safety shield before applying power to the unit.

NOTES:

1. For terminal# 1 through 8, the use of ring terminals size #6 (M3.5) is recommended using stranded wire size AWG 18-14. Tighten all screws to a torque of 12 Lb-in (1.36 Nm).
2. For terminal# E, the use of ring terminal size #8 (M4) is recommended using stranded wire size AWG 18-14. Tighten screw to a torque of 12 Lb-in (1.36 Nm).
3. Use the "Chassis Ground" terminal connection for grounding the unit. "Earth Ground" should be used as secondary grounding source only.
4. Be sure to replace the clear plastic electrical safety shield before applying power to the unit.

Wiring up a LDC unit

1. Ensure that the power supply side of the connection is been powered down before attempting to connect the wires on the IOLAN side.
2. Connect the power as outlined in the "wiring" section below.
3. Enable power to unit. Unit should now power up.

CAUTION ESD sensitivity: This product contains Electrostatic Sensitive Devices. Follow ESD mitigative procedures during installation and maintenance.

NOTES:

1. For terminal# 1 through 7, strip insulation from wire 9/32-5/16 (7 -8mm) using stranded wire size 18-12 AWG. Tighten screw to a torque of 4.5 Lb-in (0.51Nm).
2. For terminal# E (Chassis ground), the use of ring terminal size #8 (M4) is recommended using stranded wire size AWG 18-14. Tighten screw to a torque of 12 Lb-in (1.36 Nm).
3. When power is applied, if both sources are available, both power LED 1 and LED 2 (on front of unit) will be luminated indicating power detected from both sources.
4. Unit is suitable for installation as part of the Common Bond Network (CBN). The LDC's power supply input terminals are isolated from the equipment frame ground.

TELCO - NEBS Models

The Perle IOLAN LDC TELCO-NEBS models have been certified to be NEBS compliant.

To ensure compliance, power up the IOLAN LDC model and perform the following steps:

1. Ensure that the power supply side of the connection is been powered down before attempting to connect the wires on the IOLAN side.
2. Connect the power as outlined in the "wiring" section below.
3. Enable power to unit. Unit should now power up.

Safety warnings for TELCO - NEBS models.

The TELCO - NEBS series of IOLAN units do not have a power switch, and an appropriately rated circuit breaker must be installed externally to the unit. If two power sources are used, each source must have a circuit breaker. As a safety precaution you should not rely upon the unit's front panel LEDs as a power indicator.

Install Locations for LDC Models

The unit may be installed in one of the following locations.

• Network Telecommunications Facilities. (such as a central office).
- Locations where the NEC (National Electric Company) guidelines apply such as customer premises, general business offices, residential and retail.
- OSP (Outside Plant) such as outside cabinets and environmental locations.

Wiring up a the Fail-Safe Relay

The LDC series of IOLAN units are also fashioned with a Fail-Safe Relay. The relay is engaged after the unit is powered up and the software has loaded properly. Should a failure occur, the relay will be disengaged until the unit returns to a normal state of operation. A failure is defined as a condition which causes the unit to stop running.

A SPDT set of contacts are provided to the user. These three contact connections are known as "Common", "Normally Open" and "Normally Closed", and are electrically isolated to the relay. The contacts are rated for voltages up to 30VDC /AC with a maximum current of 3A.

Introduction

About the IOLAN

The IOLAN is an Ethernet communications/terminal server that allows serial devices to be connected directly to LANs. The IOLAN can connect to a wide range of devices including:

• Terminals for multi-user UNIX systems
• Data acquisition equipment (manufacturing, laboratory, scanners, etc.)
● Retail point-of-sale equipment (bar coding, registers, etc.)
• PCs using terminal emulation or SLIP/PPP
• Modems for remote access and Internet access
• ISDN adapters for branch remote access and Internet access
• All types of serial printers

The performance and flexibility of the IOLAN allows you to use a wide range of high speed devices in complex application environments. The IOLAN products will work in any server environment running TCP/UDP/IP.

IOLAN Family Models

The IOLAN comes in several different models to meet your network needs:

• DS—Offered as a 1-port unit (DB25M, DB25F, RJ45, and DB9M interfaces available), this model provides general IOLAN functionality and supports software configurable serial interface protocols EIA-232/422/485.
• TS—This model is available with two serial ports (RJ45 only) and supports EIA-232 only. The TS model is similar to the DS model supporting only general IOLAN functionality.
• SDS—This model is available in both desktop and rack mount configurations. Both models support software configurable serial interface protocols EIA-232/422/485. The SDS model has the advanced secure IOLAN feature set in addition to the general IOLAN functionality. The SDS models also include the “Electric Utility” variants which include both HV (High Voltage AC and DC) and LDC (Low Voltage DC) models as well as the TELCO-NEBS LDC model. The Iolan SDS M model supports 1 or 3 serial ports with an integrated V.92 modem. The SDS P is 802.3af Power over Ethernet complaint. Ethernet interface speeds of 10/100 Mbps.
  STS—This model comes in two desktop models and several rack mount configurations. All models support EIA-232 only except for the STS P which utilizes Power over Ethernet technology. The STS model has the advanced secure IOLAN feature set in addition to the general IOLAN functionality.
• SCS—This model comes in several rack mount configurations. All models support EIA-232 only and have an internal PCI card interface. The internal PCI card interface can be used either for installation of a V.92 modem card or optionally a wireless fiber card. The SCS model has the advanced secure IOLAN feature set in addition to the general IOLAN functionality.

- MDC—Offered as a 4-port and 8-port unit (RJ45 only), this model is a medical unit compliant with IEC 60601-1 and has galvanically isolated EIA-232 serial ports. The MDC model has the advanced secure IOLAN feature set in addition to the general IOLAN functionality.

- HL— Offered as a 4-port unit (RJ45 only), this model is a Hazard Location model. The SDS HL model is suitable for use in Class I, Division 2 groups A, B, C, D or unclassified locations.

NOTE: In order to comply with the ATEX directive, the IOLAN SDS4 HL must be installed in an ATEX certified IP54 min. enclosure and the IOLAN SDS4 HL must be installed so that the unit's labelling is visible.

- W—Offered as a 1-port and 2-port unit with DB9M connectors and as a 4-port RJ45 model with RJ-45 connectors. All models provide Serial to Wi-Fi, Serial to Ethernet and Ethernet to Wi-Fi connectivity. Industry standard wireless networking using 802.11 a/b/g/n and robust configurable wireless security methods WEP, WPA-PSK & Enterprise (EAP, PEAP, LEAP), 802.11i.

- See Hardware for information about the hardware specifications for your IOLAN model.

• See Software for a list of the basic and advanced software features.

IOLAN Features

The IOLAN is a communications server used for making serial network connections. It attaches to your TCP/IP network and allows serial devices such as modems, terminals, or printers to access the WLAN/LAN. It also allows WLAN/LAN devices to access devices or equipment attached to IOLAN serial ports.

This section highlights the hardware and software components you can expect to find in your IOLAN model.

Hardware

Note 1: Not supported on STS8-D.
Note 2: Optional power supply.
Note 3: RJ45 connectors only available on 4-port model.

Software

This section describes the supported software features available.

Accessing the IOLAN

All IOLAN models can be accessed through any of the following methods:

• Easy Config Wizard, an easy configuration wizard that allows you to quickly setup the IOLAN in a Windows ^ environment
• DeviceManager, a fully functional Microsoft, Windows NT ^ /Windows 2000 ^ /Windows Vista ^ /Windows Server 2003 ^ /Windows 2003 R2 ^ /Windows 2008 ^ /Windows 2008 R2 ^ /Windows XP ^ /Windows 7 ^ /Windows 8 ^ /Windows 8.1 ^ /Windows Server 2012 ^ and Server 2012 R2 ^ configuration/management tool.
  WebManager, a web browser (HTTP/HTTPS) option for configuring/managing the IOLAN
• Menu, a window-oriented menu interface for configuration and user access
• CLI, a Command Line Interface option for configuration/management and user access
  • SNMP, allowing remote configuration via SNMP as well as statistics gathering
• DHCP/BOOTP, a method of automatically updating the IOLAN
• IOLAN+ interface, for IOLAN+ users, IOLAN models with 16 ports or fewer can be configured using the IOLAN+ menu

General Features

Basic IOLAN software features are available on all IOLAN models.

• IPv6 support.
• Support for TCP/IP and UDP protocols including telnet and raw connections.
  • Printer support via LPD and RCP.
  • Virtual modem emulation.
• ‘Fixed tty’ support for several operating systems using Perle’s TruePort utility.
• DHCP/BOOTP for automated network-based setup.
  • Dynamic statistics and line status information for fast problem diagnosis.
• Multisession support when accessing the IOLAN from either the serial port or the network.
• Modbus master/slave/gateway support.
• An SDK for custom programs and plugin support.
• I/O interface on the IOLAN I/O models (Analog, Temperature, Digital, and Relay).
• Ability to disable services (for example, Telnet, TruePort, Syslog, SNMP, Modbus, HTTP) for additional security.
• Ability to enable Ping responses.

Advanced Features

Advanced IOLAN software features can be found on all IOLAN models except DS and TS models.

- External authentication using any of the following systems:

-RADIUS
- Kerberos
-TACACS+
-NIS
- SecurID
- LDAP/Microsoft Active Directory

• Support for TCP/IP and UDP protocols.
• Dynamic DNS with DYNDNS.org.
• Domain Name Server (DNS) support.
- WINS support for Windows ^ environments.
- Remote access support including PPP, SLIP, and SLIP with VJ Compression.
- Ability to remotely manage the Perle Remote Power Switch (RPS).
- Ability to cluster several IOLANs.
- Email alert notification.
- PPP authentication via PAP /CHAP/ MSCHAP.
- CHAP(MD5) authentication support to TACACS+ servers.
- SSH connections (supported ciphers are Blowfish, 3DES, AES-CBC, AES-CTR, AES-GMC, CAST, and ChaCha20-Poly1305).
- SSL/TLS connections.
- Logging via Syslog.
- RIP authentication (via password or MD5).
• SNTP (versions 1, 2, 3, and 4 are supported).

Security

The IOLAN security features can include (depending on your IOLAN model):

• Supervisory and serial port password protection.
- Ability to set serial port access rights.
- Ability to assign users access level rights to control their access.
- Trusted host filtering (IP filtering), allowing only those hosts that have been configured in the IOLAN access to the IOLAN.
- Idle port timers, which close a connection that has not been active for a specified period of time.
- Ability to individually disable network services that won't be used by the IOLAN.
- SSH client/server connections (SSH 1 and SSH 2).
- SSL/TLS client/server data encryption (TLSv1/1.1/1.2 and SSLv2).
- Ability to setup Virtual Private Networks.
- Access to firewalled/Nated devices via HTTP tunnels.
- Wireless Security; WEP, WPA2-PSK & Enterprise (EAP, PEAP, LEAP), 802.11i.

Configuration Methods

Introduction

This chapter provides information about the different methods you can use to configure the IOLAN. Before you can configure the IOLAN, you must assign an IP address to the IOLAN. See the Chapter 4, Getting Started to find out how to assign an IP address to the IOLAN.

Once an IP address is assigned to the IOLAN, you can use any of the configuration methods to:

• Configure users.
• Configure IOLAN server parameters.
• Configure serial port parameters.
• Configure network parameters.
• Configure time parameters.
• Reboot the IOLAN.
• Manage the Perle Remote Power Switch (when applicable).
• Manage I/O channels (when applicable).
  • View statistics while connected to the IOLAN.

Configuration Methods Overview

Some of the IOLAN configuration methods have the capability of configuring an IP address, which is the first required configuration step for a new IOLAN. Once the IOLAN has been assigned an IP address, any of the configuration methods can be used to configure the IOLAN.

Configures an IP Address

Following is a list of methods for setting the IOLAN IP address and a short explanation of when you would want to use that method:

- Easy Config Wizard—The Easy Config Wizard is available from the CD ROM included with your IOLAN. You can use the Easy Config Wizard to set the IOLAN's IP address and configure serial ports. This configuration method would typically be used when:

• All ports are to have the same configuration.
• Only the most commonly used profiles are required.
• Straightforward application with no advanced functionality required.
• Easy Config is installed on a Windows ^ -based PC with local network access to the IOLAN.

- DeviceManager—Use this method when you can connect the IOLAN to the network and access the IOLAN from a Windows® PC. The DeviceManager is a Windows®-based application that can be used for IOLAN configuration and management. The DeviceManager can be used to assign an IP address and perform the complete configuration and management of the IOLAN.

• Direct Connection—Use this method when you can connect to the IOLAN from a serial terminal or from a computer running terminal emulation software over a serial port. Using this method, you will need to configure and/or manage the IOLAN using either the Menu or CLI.
• DHCP/BOOTP—Use this method when you have a BOOTP or DHCP server running and you can connect the IOLAN to your network. The IOLAN will automatically obtain an IP address from a local network DHCP/BOOTP server when this service is enabled (it is disabled by default). You can also configure certain IOLAN parameters that will be passed from the DHCP/BOOTP server to the IOLAN when it boots up. Other configurators such as DeviceManager, CLI, or Menu can be used to set this option, and obtain the initial IP address.
• ARP-Ping—Use this method when you can connect the IOLAN to the network and want to assign a temporary IP address to the IOLAN by adding an ARP entry to your PC and then pinging it.
• IPv6 Network—When the IOLAN is connected to an IPv6 network, its local link address is determined using stateless auto configuration.

Once an IP address has been assigned to the IOLAN, in most cases, you can continue to use the same method if it is a configurator or you can switch to any other configuration method.

Requires a Configured IP Address

The following configuration methods require that an IP address already be assigned to the IOLAN.

• WebManager—WebManager is a fully functional, browser-based configuration method.
• IOLAN+ Interface—The IOLAN+ interface is available on IOLAN models that are 1-16 ports (this is not supported on DS1, TS2, and medical unit models) and uses the interface that is available on the IOLAN+ product line.

Easy Config Wizard

The Easy Config Wizard is a configuration wizard that will configure all the serial ports on your IOLAN to one of the following:

• Console Management
  • TruePort (Virtual COM Port)
• TCP Sockets (Raw TCP)
• Terminal
  • Printer (not supported on DS1/TS2 models)
• Serial Tunneling

You can launch the Easy Config Wizard from the Perle website or from the installation CD-ROM.

The Easy Config Wizard has been designed to walk you through the configuration process for any of the available configuration options shown on the Welcome window.

DeviceManager

Overview

The DeviceManager is a Windows ^® -based application that can be used to connect to the IOLAN to actively manage and configure it or can create new IOLAN configurations offline. See Chapter 5, Using DeviceManager and WebManager for information on configuring/managing the IOLAN with DeviceManager.

Access Platforms

The DeviceManager can be run from Microsoft, Windows NT ^® /Windows 2000 ^® /Windows Vista ^® /Windows Server 2003 ^® /Windows 2003 R2 ^® /Windows 2008 ^® /Windows 2008 R2 ^® /Windows XP ^® /Windows 7 ^® /Windows 8 ^® /and Windows Server 2012 ^® .

DeviceManager can be installed from the product CD-ROM or downloaded from the Perle website. Unless the IOLAN has already been configured with a Gateway, DeviceManager can only access IOLANs in the local subnet. The DeviceManager can be accessed by only the admin user.

Features

DeviceManager supports the following features:

• The ability to download the same configuration file to several IOLANs in one operation.
• The ability to save a configuration file locally in text format, in addition to the binary format.
• The ability to create a configuration file without being connected to the IOLAN.
• The ability to open a session to the IOLAN and download a (saved) configuration file to it.
• The ability to download/upload keys/certificates to/from the IOLAN.
• The ability to download custom files, such as new terminal definitions and a custom language files to the IOLAN.

Connecting to the IOLAN Using DeviceManager

Before you can use DeviceManager, you need to install it on your Windows operating system from the IOLAN CD-ROM or you can download it from the Perle website. After the DeviceManager application is installed, click Start, All Programs, Perle, DeviceManager, DeviceManager to start the application. When you launch the DeviceManager, it will scan the network for IOLANs:

All discovered IOLANs will be displayed on the list along with their name and IP address. When a new IOLAN is discovered on the network, that has not yet been assigned an IP address, it will be displayed with an IP Address of Not Configured. To configure the IP address, click on the IOLAN and then click the Assign IP button.

Choose the method you want to use to assign an IP address to the IOLAN:

• Type in the IP address that you want to assign to this IOLAN.
• Enable the Have the IOLAN automatically get a temporary IP Address option. This will turn on DHCP/BOOTP, so the IOLAN will attempt to get its IP address from your DHCP/BOOTP server. If you don't have a DHCP/BOOTP server, DeviceManager will temporarily assign an IP address in the range of 169.254.0.1-169.254.255.255 that will be used only for the duration of the DeviceManager/IOLAN communication.

After you configure the IP address, click the Assign IP button.

The refreshed list will now display the assigned IP address for the new IOLAN. To connect to the IOLAN, click the IOLAN entry and click OK. You will be asked to supply the admin password (the factory default password is superuser).

If you have a successful connection, the DeviceManager will retrieve the configuration and then display the IOLAN's System Information and you can begin configuring the IOLAN.

The DeviceManager does not automatically update the IOLAN's configuration. You must download the configuration changes to the IOLAN and then reboot the IOLAN to make the configuration changes take effect.

Using DeviceManager

After you have successfully connected to the IOLAN, DeviceManager displays the following window:

Navigating the Options

The left-hand navigation tree allows you to quickly and easily navigate the various Configuration and Statistics pages of DeviceManager. Further navigation is available in the form of buttons and tabs in the display area of DeviceManager, depending on where you are in the navigation tree, as shown in the below.

Notice that when you expand a parent node in the tree (e.g., Serial), the tree displays the same options that appear as buttons in the display area, as shown below. This gives you the choice of using the navigation tree or buttons to navigate the options.

Downloading the Configuration

When you have completed all your configuration changes, click the Download All Changes button to download the configuration to the IOLAN. You must reboot the IOLAN for your configuration changes to take effect.

WebManager

Overview

The WebManager is a web browser-based method of configuring/managing the IOLAN. It follows the same design as the DeviceManager, so it is easy to switch between the WebManager and DeviceManager when configuring your IOLAN. See Chapter 5, Using DeviceManager and WebManager for information on configuring/managing the IOLAN with DeviceManager.

Access Platforms

You can access the IOLAN through WebManager from any system that can run a web browser. WebManager can be accessed by the admin user or any user who has Admin Level privileges.

Features

WebManager supports the following features:

• The ability to open a session to the IOLAN and download a (saved) configuration file to it.
• The ability to save a configuration file locally in text format, in addition to the binary format.
• The ability to download/upload keys/certificates to/from the IOLAN.
• The ability to download custom files, such as new terminal definitions and a custom language files to the IOLAN.

- From WebManager, you can launch EasyPort Web, which can be used to:

• access clustered IOLANs
• access ports configured with the Console Management profile and launch an SSH or Telnet session to those console ports
  • exercise power management capability (when using the Perle Remote Power Switch)

Connecting to the IOLAN Using WebManager

Before you can connect to the IOLAN using WebManager, the IOLAN must already be configured with a known IP address; see Setting Up the Network to configure an IP address on your IOLAN.

To connect to the IOLAN through the WebManager:

1. Open your web browser and type in the IP address of the IOLAN that you want to manage/configure and press Enter; for example: http://123.123.123.123.

2. If you successfully connect to the IOLAN, a login screen will appear.

1. If you are accessing the IOLAN in non-secure HTTP, just type in the username "admin" and the associated password (the factory default password is superuser) If the IOLAN has already been configured for secure access mode (HTTPS), select the Secure Login link and then type in the username "admin" and the associated password.

The secure HTTP (HTTPS) mode requires that the SSL Passphrase is already defined in the IOLAN configuration and the SSL/TLS certificate/private key and CA list must have already been downloaded to the IOLAN; see Keys and Certificates for more information.

Using WebManager

After you have successfully logged into WebManager, you will see the following:

You navigate through the different configuration windows by selecting an option in the left-hand navigation tree. When you click on an option that is under a folder, more navigation options are displayed:

The Network folder contains two configuration options, IP Address and Advanced. Notice that when the IP Address option is selected, there are more navigation options in the form of the tabs, IP Settings and Advanced.

Remember that in the WebManager, it is necessary to press the Apply button to save your changes.

Command Line Interface

Overview

The Command Line Interface (CLI) is a command line option for IOLAN configuration/management. See the Command Line Interface Reference Guide for a full breakdown of all the CLI commands and their functionality.

Access Platforms

The CLI is accessed by any application that supports a Telnet or SSH session to the IOLAN's IP address, such as Putty, SecureCRT, or from a command prompt. You can also access the CLI from a dumb terminal or PC connected to a serial port.

Features

The CLI supports the following features:

• You can access the IOLAN from any application that supports Telnet or SSH.
• The ability to clear the ARP table (cache).
• The ability to save a configuration file locally in text format, in addition to the binary format.
• For existing IOLAN+ customers, the native IOLAN+ CLI to be used by entering the iolan+ command. See your IOLAN User's Guide for information on using the IOLAN+ CLI.

The IOLAN+ CLI is not supported on IOLAN models with more than 16 ports or the DS1/TS2 and medical unit models.

Connecting to the IOLAN Using the CLI

There are two ways you can access the IOLAN, through the network (Ethernet connection) or through the serial connection. If you are accessing the IOLAN through the network, the IOLAN must already have a known IP address configured; see Using a Direct Serial Connection to Specify an IP Address for information on configuring an IP address.

Through the Network

To connect to the IOLAN through the network to configure/manage it using the CLI, do the following:

1. Start a Telnet or SSH session to the IOLAN's IP address; for example:
   telnet 10.10.201.100
2. You will get a Login: prompt. You can login as the admin user or as a user with Admin Level rights. If the login is successful, you will get a prompt that displays the IOLAN model and number of ports:
   Login: admin Password:
   SDS2#

You will see a prompt that displays the model and number of the IOLAN. You are now ready to start configuring/managing your IOLAN using the CLI.

Through the Serial Port

To connect to the IOLAN through the serial port to configure/manage it using the CLI (or Menu), see Using a Direct Serial Connection to Specify an IP Address.

After you have established a connection to the IOLAN, you will get a Login: prompt. You can login as the admin user or as a user with Admin Level rights. If the login is successful, you will get a prompt that displays the IOLAN model and number of ports:

Login: admin

Password:

SDS2#

You will see a prompt that displays the model and number of the IOLAN. You are now ready to start configuring/managing your IOLAN using the CLI

Using the CLI

After you have successfully logged in, you can start configuring/managing the IOLAN by typing in commands at the prompt. If you are not sure what commands are available, you can type a ? (question mark) at any time during a command to see your options.

See the Command Line Interface Reference Guide for more information about the CLI.

Menu

Overview

The Menu is a graphical representation of the CLI. You can look up Menu parameter explanations in the Command Line Interface Reference Guide. The only operations that the Menu does not support are the downloading and uploading of files to/from the IOLAN.

Access Platforms

The Menu is accessed by any application that supports a Telnet or SSH session to the IOLAN's IP address, such as Putty, SecureCRT, or from a command prompt. You can also access the Menu from a dumb terminal or PC connected to a serial port.

Features

The Menu supports the following features:

• You can access the IOLAN from any application that supports Telnet or SSH.
• For existing IOLAN+ customers, the native IOLAN+ menu interface can be used by entering the iolan+ command to display and use the native IOLAN+ menu interface. See your IOLAN User's Guide for information on using the IOLAN+ interface. See IOLAN+ Interface for more information about IOLAN+ interface.

Connecting to the IOLAN Using the Menu

To connect the IOLAN using the Menu, follow the directions for Connecting to the IOLAN Using the CLI.

Using the Menu

After you have successfully logged in, type screen at the prompt and press Enter. You will be asked to enter a terminal type, and then you will see the following Menu:

To navigate through the Menu options, do the following:

1. Highlight a Menu option by using the keyboard up and down arrows to navigate the list.

2. When the Menu item you want to access is highlighted, press the Enter key to either get to the next list of options or to get the configuration screen, depending on what you select.

3. When you are done configuring parameters in a screen, press the Enter key and then the Enter key again to Accept and exit the form.

4. If you want to discard your changes, press the Esc key to exit a screen, at which point you will be prompted with Changes will be lost, proceed? (y/n), type y to discard your changes or n to return to the screen so you can press Enter to submit your changes.

5. If there are a number of predefined options available for a field, you can scroll through those items by pressing the Space Bar or you can type 1 (lowercase L) to get a list of options, use the up/down arrows to highlight the option you want, and then press Enter to select it.

DHCP/BOOTP

Overview

Several IOLAN parameters can be configured through a DHCP/BOOTP server during the IOLAN bootup. This is particularly useful for configuring multiple IOLANs.

Not all configuration parameters are supported in the DHCP/BOOTP configuration (see DHCP/BOOTP Parameters for supported configuration parameters), so you will need to use another configuration method, such as DeviceManager, WebManager or CLI, to complete the configuration.

Features

DHCP/BOOTP supports the following features:

• DHCP/BOOTP can supply the IOLAN's IP address.
• The DHCP/BOOTP server can configure certain server and user configuration parameters when the IOLAN is booted.
• The DHCP/BOOTP server can auto-configure the IOLAN with basic setup information (IP address, subnet/prefix bits, etc.).
• The DHCP/BOOTP server can download a new version of firmware when the IOLAN is rebooted.
• The DHCP/BOOTP server can download a full configuration file when the IOLAN is rebooted.

Connecting to the IOLAN Using DHCP/BOOTP

The IOLAN will automatically request an IP address from the DCHP/BOOTP server when the Obtain IP address automatically using DHCP/BOOTP parameter is enabled. To enable the Obtain IP address automatically using DHCP/BOOTP parameter, follow the directions in Using a Direct Serial Connection to Enable BOOTP/DHCP.

Using DHCP/BOOTP

To use DHCP/BOOTP, edit the bootp file with IOLAN configuration parameters. You can use DHCP/BOOTP to perform the following actions on a single or multiple IOLANs on bootup:

• auto-configure with minimal information; for example, only an IP address
• auto-configure with basic setup information (IP address, subnet/prefix bits, etc.)
• download a new version of firmware
• download a full configuration file

DHCP/BOOTP is particularly useful for multiple installations: you can do all the IOLANs' configuration in one DHCP/BOOTP file, rather than configure each IOLAN manually. Another advantage of DHCP/BOOTP is that you can connect the IOLAN to the network, turn on its power and let autoconfiguration take place. All the configuration is carried out for you during the DHCP/BOOTP process.

DHCP/BOOTP Parameters

The following parameters can be set in the DHCP/BOOTP bootp file:

- SW_FILE—The full path, pre-fixed by hostname/IP address (IPv4 or IPv6), and file name of the firmware update.

- CONFIG_FILE—The full path, pre-fixed by hostname/IP address (IPv4 or IPv6), and file name of the configuration file.

- GUI_ACCESS—Access to the IOLAN from the HTTP or HTTPS WebManager. Values are on or off.

- AUTH_TYPE—The authentication method(s) employed by the IOLAN for all users. You can specify the primary and secondary authentication servers, separated by a comma. This uses the following numeric values for the authentication methods.

- 0 —None (only valid for secondary authentication)
- 1 —Local
- 2 —RADIUS
- 3 —Kerberos
- 4 —LDAP/Microsoft Active Directory
- 5 —TACACS+
- 6 —SECURID
- 7 —NIS 

- SECURITY—Restricts IOLAN access to devices listed in the IOLAN's host table. Values are yes or no.

- TFTP_RETRY—The number of TFTP retries before aborting. This is a numeric value, for example, 5.

- TFTP_TMOUT—The time, in seconds, before retrying a TFTP download/upload. This is a numeric value, for example, 3.

- CUSTOM_LANG—The full path, pre-fixed by a hostname/IP address (IPv4 or IPv6), and file name of a translated language file. For example, 192.101.34.211 /accounting/Iolan_ds_german.txt.

- EXTRA_TERM1—(EXTRA_TERM2, EXTRA_TERM3) The full path, pre-fixed by a hostname/IP address (IPv4 or IPv6), and file name of a termcap file for a specific terminal type.

SNMP

Overview

The IOLAN supports configuration and management through SNMP. SNMP Management tools (SNMP client/MIB browser software) can be used to set IOLAN configuration parameters and/or view IOLAN statistics.

Before you can configure/manage the IOLAN using SNMP, you need to set the IOLAN IP address and configure a read-write user for SNMP version 3 or a community for SNMP version 1 or 2. You can use DeviceManager, CLI, or the Menu to set the IP address and user/community (don't forget to reboot the IOLAN before connecting with the SNMP manager to make your changes take effect).

Access Platforms

You can access the IOLAN SNMP MIB from any system that runs your SNMP client/MIB browser software.

Features

SNMP supports the following features:

• You can configure SNMP traps.
• Since not all versions of SNMP support secure communication, password parameters must be set using another configuration method.

Connecting to the IOLAN Using SNMP

Before you can connect to the IOLAN through an SNMP Management tool or MIB browser, you need to set the following components through another configuration method.

1. Configure a known IP address on the IOLAN.
2. Configure a read-write user for SNMP version 3 or a community for SNMP version 1 or 2 on the IOLAN.
3. Reboot the IOLAN to make sure the changes take effect.

To connect to the IOLAN through an SNMP Management tool or MIB browser, do the following:

1. Load the perle-sds.MIB file from the IOLAN CD-ROM or Perle website into your SNMP manager (this MIB works for all SDS, SCS, STS, and MDC models).

You need to have the following MIBs installed in your SNMP manager (these are usually part of the standard SNMP client/MIB browser):

SNMPv2-SMI
SNMPv2-TC
• IPV6-TC

1. Verify that the read-write user for SNMP version 3 or a community for SNMP version 1 or 2 match the configuration on the IOLAN.
2. Type in the IOLAN's IP address and connect to the IOLAN.

You are now ready to start configuring the IOLAN using SNMP.

Using the SNMP MIB

After you have successfully connected to the IOLAN through your SNMP Management tool or MIB browser, expand the PERLE-IOLAN-SDS-MIB folder to see the IOLAN's parameter folders. Below is an example of the configurable parameters under the ServicesInfo folder.

The first variable in each folder is the Status variable, for example, serviceStatus. When you perform a GET on this variable, one of the following values will be returned:

• 1—Indicates that the container folder is active with no changes.
• 2—Indicates that the container folder is active with change(s).

Once you have completed setting the variables in a folder, you will want to submit your changes to the IOLAN. To do this, set the Status variable to 4. If you want to discard the changes, set the Status variable to 6.

4—Indicates that the changes in the container folder are to be submitted to the IOLAN.
6—Indicates that the changes in the container folder are to be discarded.

If you want to save all the changes that have been submitted to the IOLAN, you need to expand the adminInfo container folder and SET the adminFunction to 1 to write to FLASH. To make the configuration changes take effect, SET the adminFunction to 3 to reboot the IOLAN.

IOLAN+ Interface

Overview

For environments that have both IOLAN and IOLAN+ models or for users who prefer to configure using the IOLAN+ Menu or CLI, the IOLAN+ user interface is available. The IOLAN+ interface is supported on all IOLAN SDS, SCS, and STS models up to and including 16 serial ports.

Access Platforms

The Menu is accessed by any application that supports a Telnet or SSH session to the IOLAN's IP address, such as Putty, SecureCRT, or from a command prompt. You can also access the Menu from a dumb terminal or PC connected to a serial port.

Connecting to the IOLAN to Use the IOLAN+ Interface

To connect the IOLAN to using the IOLAN+ interface, follow the directions for Connecting to the IOLAN Using the CLI.

Using the IOLAN+ Interface

After you have successfully logged in to the IOLAN, you can type iolan+ at the CLI command prompt to access the IOLAN+ configuration menu (you must have User Level Normal or Admin).

The IOLAN and the IOLAN+ admin user share the same password. The default admin password is superuser (not iolan).

If you choose to use the IOLAN+ configuration interface, you should always configure the IOLAN using the IOLAN+ interface. The IOLAN/IOLAN+ fields do not map directly between the two interfaces. If you configure a field in the IOLAN configuration interface to a value that is invalid in the IOLAN+ interface and then attempt to use the IOLAN+ interface, the invalid field value will show up as ***** (all asterisks), although the IOLAN will interpret the value as valid.

Changes to the IOLAN+ Interface

You should be aware that the following IOLAN+ configuration fields are no longer supported:

• You no longer have the option of selecting access, Authentication/Logging. Also, kill, reboot, and stats are not available.
• When you select port, the following fields are not available on the Port Setup Menu:

• User, Name—only when using LPD/LPR, Name no longer is used as the queue name
• Options, Rlogin/Telnet
• Options, Debug options
• Options, Hex data
• Options, Secure
• Keys, Sess
• Access, UDP Retries
• Access, Retry Interval
• Access, Authentication

- When you select line, Access, the following fields are not available on the Access Menu:

• Authentication
• UDP Retries
• Interval

- When you select line, Options, the following fields are not available on the Options Menu:

Opt
HEX
• Rlogin/Telnet

- When you select access, Remote access sites., the following fields are not available on the Remote Access Systems Screen:

** Administrator ** REMOTE ACCESS SYSTEMS SCREEN REMOTE-ADMIN
Sitename [ ]   
User name [ ]   
Password [ ]   
Device type ( )   
Service type N/A   
Inactivity N/A   
Phone number [ ]   
Login-script N/A 

• Service type
- Inactivity
- Login-script

- When you select access, Remote site devices., the following fields are not available on the Remote Site Device Screen:

** Administrator ** REMOTE SITE DEVICES SCREEN REMOTE-ADMIN
Type [ ]
IP Addresses
Src Addr N/A
Dst Addr N/A
Modem
Config [ ]
Dial Comm N/A
Hang Up N/A
PPP Configuration Dialer Configuration
Restart timer [3] Dial Timeout [45]
Max Retries [10] Dial Retries [2]
Inactivity [0 ] 

• IP Address, Src Address
• IP Address, Dst Address
• Modem, Dial Comm
- Modem, Hang Up

When you select server, the following fields are not available on the Server Configuration menu:

• Debug mode
• CR to initiate
• SNAP encoding
• Boot diagnostics
  NS Port

A new parameter was added, Interface, to the to Port Setup Menu, to specify whether you are setting up the serial line as a EIA-232 or EIA-422 line.

Getting Started

Introduction

There are several different configuration methods available to configure the IOLAN (see Chapter 3, Configuration Methods for more information). This chapter describes the three main minimal configuration requirements for the IOLAN through either Easy Config Wizard (cannot configure users using this method), DeviceManager, or WebManager:

If you are setting up the IOLAN medical unit (MDC) model, you must first install the latest firmware to take advantage of the full feature set available with the MDC model. The latest firmware can be found either on the CD-ROM that came with the IOLAN or on the Perle website, www.perle.com/downloads (when you access the webpage, select your specific IOLAN model). See Downloading IOLAN Firmware for information on how to download the latest IOLAN firmware.

1. Setting up the network—This minimally consists of configuring an IP address or enabling DHCP/BOOTP. Once the IOLAN has an IP address, you can use any configuration method.
2. Setting up the serial ports—You will want to select the serial port profile that matches the serial port requirement/scenario for your serial device.
3. Setting up users—This is an optional step, which is only required when your implementation requires users to access the IOLAN and you are not using external authentication.

Easy Configuration Wizard

The Easy Config Wizard quickly sets up the IOLAN's network configuration and all serial ports to one of the following:

• Console Management—Allows users on the network to connect to a serial device that is connected to a serial port on the IOLAN.
• TruePort (Virtual COM Port)—Allows a networked system to communicate with your serial device through a virtual COM or TTY port, using the Perle TruePort software.
• TCP Sockets (Raw TCP)—Allows hosts on the network to communicate with a serial device that requires raw data throughput (such as a printer or card reader) connected to the IOLAN serial port.
• Terminal—Allows a terminal device to connect to a specified host on the network through a serial port on the IOLAN.
• Printer—Allows hosts on the network to talk to a printer using LPD connected to the IOLAN.
• Serial Tunneling—Allows IOLANs on the network to establish a virtual link between their serial ports. Typically, one IOLAN's serial port is configured as a Tunnel Server and the other IOLAN's serial port is configured as a Tunnel Client.

Setting Up the Network

The most important part of setting up the network is assigning an IP address to the IOLAN, whether this is a static IP address or enabling a DHCP/BOOTP-assigned IP address. You should also assign a name to the IOLAN, to make it easier to recognize. This section deals primarily with setting the IP address.

Using DeviceManager

To use the DeviceManager, you must first install it on a Windows ^® operating system. The DeviceManager is able to automatically discover all IOLANs on your local network, even if they have not yet been assigned an IP address. If routers on the network have been setup to propagate multicasts, DeviceManager will also be able to discover IOLANs in other networks. The DeviceManager installation wizard can be found on the CD-ROM included in the IOLAN package.

1. Connect the IOLAN to the network.
2. Power on the IOLAN.
3. From the CD-ROM that was included in the IOLAN packaging, select the DeviceManager link.
4. Click on the link under Location and click Open to automatically start the DeviceManager installation.
5. Install the DeviceManager by following the installation wizard. On the last window, check the Yes, I want to launch DeviceManager now. box and click the Finish button.
6. When you launch the DeviceManager, it will automatically scan the local network and display any IOLANs that it can find.
7. Any IOLAN that does not have an IP address will be displayed as Not Configured, with the Model and MAC Address to identify the IOLAN. Highlight the IOLAN that you want to assign an IP address to and click the Assign IP button.

8. Choose the method you want to use to assign an IP address to the IOLAN:

9. Type in the IP address that you want to assign to this IOLAN.

10. Enable the Have the IOLAN automatically get a temporary IP address option. This will turn on DHCP/BOOTP, so the IOLAN will attempt to get its IP address from your DHCP/BOOTP server. If you don't have a DHCP/BOOTP server, DeviceManager will temporarily assign an IP address in the range of 169.254.0.1-169.254.255.255 that will be used only for the duration of the DeviceManager/IOLAN communication.

Click the Assign IP button.

1. You are now ready to configure the IOLAN. Double-click the IOLAN you just configured IP address for to open a configuration session. Type superuser (the factory default admin user password) in the Login window and click OK.
2. Expand the Server Configuration folder and select Server. Verify the IP address configuration. You should also enter a name in the Server Name field to make the IOLAN easily identifiable.
3. To make your edits take effect, you need to download the new configuration file and then reboot the IOLAN. Download the configuration file to the IOLAN by selecting Tools, Download Configuration to Unit or click the Download All Changes button.
4. Reboot the IOLAN by selecting Tools, Reboot Server or click the Reboot IOLAN button.

For more information on configuring the IOLAN using DeviceManager, see Chapter 5, Using DeviceManager and WebManager.

Using WebManager

To use the WebManager as your configurator, you must first assign an IP address to the IOLAN. You can use the Easy Config Wizard to assign an IP address to the IOLAN or any of the other methods described in this section. Once the IP address is assigned to the IOLAN, simply type the IP address into the Address field of your web browser and press the Enter key.

Using a Direct Serial Connection to Specify an IP Address

You can connect to the IOLAN's serial console port using a PC with a terminal emulation package, such as HyperTerminal or a terminal.

This procedure does not apply to IOLAN medical unit models.

1. Connect the IOLAN to your PC or dumb terminal. Make sure the DIP switch is in Console mode (for desktop models, this sets the IOLAN serial port 1 to EIA-232) or that you are connected to the dedicated Console port (for rack mount models). When connecting a terminal or PC directly (without modems), the EIA-232 signals need to be crossed over ('null modem' cable). See Appendix D, EIA-232 Cabling Diagrams for cabling diagrams.
2. Using a PC emulation application, such as HyperTerminal, or from a dumb terminal, set the Port settings to 9600 Baud, 8 Data bits, No Parity, 1 Stop Bits, and No Hardware Flow control to connect to the IOLAN. You can change these settings for future connections on the rack mount models (the IOLAN must be rebooted for these changes to take place).
3. When prompted, type admin for the User and superuser for the Password. You should now see the a prompt that displays the model type and port number; for example, SCS16#.
4. You are now logged into the IOLAN and can set the IP address by typing from the command line using the Command Line Interface (CLI).

For single Ethernet connection models, type:

set server internet

For dual Ethernet connection (SCS) models, type:

set server internet eth1

For wireless connection (W) models, type:

set server internet wan0

Where ipv4address is the IP Address being assigned to the IOLAN.

1. Type the following command:

save

1. If you are going to use another configuration method, such as WebManager or DeviceManager, unplug a desktop IOLAN or turn Off a rack mount IOLAN. On a desktop IOLAN, change the DIP switch to Off Serial (DIP switch in the up position) and connect it to your serial device. Plug the IOLAN back in, automatically rebooting the IOLAN in the process.

2. If you want to complete the configuration using a direct connection, see Command Line Interface and/or Menu. After you complete configuring the IOLAN, unplug the IOLAN. If this is a desktop model, change the IOLAN DIP switch to Off Serial (DIP switch in the up position) and connect it to your serial device. Plug the IOLAN back in, automatically rebooting the IOLAN in the process.

Using a Direct Serial Connection to Enable BOOTP/DHCP

If you are using BOOTP, you need to add an entry in the BOOTP server for the IOLAN that associates the MAC address (found on the back of the IOLAN) and the IP address that you want to assign to the IOLAN. After you have made the MAC address/IP address association for BOOTP, use the following directions for BOOTP or DHCP.

You can connect to the IOLAN using a PC with a terminal emulation package, such as HyperTerminal or a dumb terminal.

This procedure does not apply to IOLAN medical unit models.

1. Connect the IOLAN to your PC or dumb terminal. Make sure the DIP switch is in Console mode (for desktop models, this sets the IOLAN serial port to EIA-232) or that you are connected to the dedicated Console port (for rack mount models). When connecting a terminal or PC directly (without modems), the EIA-232 signals need to be crossed over ('null modem' cable). See Appendix D, EIA-232 Cabling Diagrams for cabling diagrams.
2. Using a PC emulation application, such as HyperTerminal, or from a dumb terminal, set the Port settings to 9600 Baud, 8 Data bits, No Parity, 1 Stop Bits, and No Hardware Flow control to connect to the IOLAN. You can change these settings for future connections on the rack mount models (the IOLAN must be rebooted for these changes to take place).
3. When prompted, type admin for the User and superuser for the Password. You should now see the a prompt that displays the model type and port number; for example, SCS16#.

4. You are now logged into the IOLAN and can set the IP address by typing from the command line using the Command Line Interface (CLI). Type the following command:
   set server internet dhcp/bootp on

5. Type the following command:

save

1. Type the following command:

reboot

1. When the IOLAN reboots, it will automatically poll for an IP address from the DHCP/BOOTP server. If the IOLAN has dual Ethernet, each Ethernet connection will automatically be assigned an IP address, you can access the IOLAN through either IP address.

2. To view the DHCP/BOOTP assigned IP address, type the following command:

show interface ethernet

If for some reason it cannot obtain an IP address from your DHCP/BOOTP server, you will have to either reconnect to the IOLAN on the console port and reboot it or push the RESET button to access the IOLAN.

You are now ready to configure the IOLAN. See Chapter 3, Configuration Methods for information on the different IOLAN configuration methods.

Using ARP-Ping

You can use the ARP-Ping (Address Resolution Protocol) method to temporarily assign an IP address and connect to your IOLAN to assign a permanent IP address. To use ARP-Ping to temporarily assign an IP address:

1. From a local UNIX/Linux host, type the following at the system command shell prompt:

arp -s a.b.c.d aa:bb:cc:dd:ee:ff 

On a Windows ^® 2000 or newer system, type the following at the command prompt:

arp -s a.b.c.d aa-bb-cc-dd-ee-ff 

(where a.b.c.d is the IPv4 address you want to temporarily assign to the IOLAN, and

aa:bb:cc:dd:ee:ff is the Ethernet (MAC) address of IOLAN (found on the back of the unit).

1. Whether you use UNIX or Windows ^ , you are now ready to ping to the IOLAN. Here is a UNIX example of the sequence to use:

arp -s 192.168.209.8 00:80:d4:00:33:4e 

ping 192.168.209.8 

From the ping command issued in step 2, the IOLAN will pickup and use the IP address entered into the ARP table in step 1. You are now ready to configure the IOLAN. See Chapter 3, Configuration Methods for information on the different IOLAN configuration methods.

For an IPv6 Network

The IOLAN has a factory default link local IPv6 address based upon its MAC Address. For example, the link local address is:

IOLAN MAC Address: 00-80-D4-AB-CD-EF

Link Local Address: fe80::0280:D4ff:feAB:CDEF

By default, the IOLAN will listen for IPV6 router advertisements to obtain additional IPV6 addresses. No configuration is required, however, you can manually configure IPV6 addresses and network settings; see Chapter 6, Network Settings for more information on IPv6 configuration options.

You are now ready to configure the IOLAN. See Chapter 3, Configuration Methods for information on the different IOLAN configuration methods.

Setting Up the Serial Port(s)

The DeviceManager and WebManager have the following serial port profiles that will simplify serial port setup:

• Console Management—The Console Management profile configures a serial port to provide network access to a console or administrative port. This profile sets up a serial port to support a TCP socket that listens for a Telnet or SSH connection from the network.
• TruePort—The TruePort profile configures a serial port to connect network servers or workstations running the TruePort software to a serial device as a virtual COM port. This profile is ideal for connecting multiple serial ports to a network system or server.
• TCP Sockets—The TCP Sockets profile configures a serial port to allow a serial device to communicate over a TCP network. The TCP connection can be configured to be initiated from the network, a serial device connected to the serial port, or both. This is sometimes referred to as a raw connection or a TCP raw connection.
• UDP Sockets—The UDP Sockets profile configures a serial port to allow communication between the network and serial devices connected to the IOLAN using the UDP protocol.
• Terminal—The Terminal profile configures a serial port to allow network access from a terminal connected to the IOLAN's serial port. This profile is used to access predefined hosts on the network from the terminal.
• Printer—The Printer profile configures a serial port to support a serial printer that can be accessed by the network.

• Serial Tunneling—The Serial Tunneling profile configures a serial port to establish a virtual link over the network to a serial port on another IOLAN. Both IOLAN serial ports must be configured for Serial Tunneling (typically one serial port is configured as a Tunnel Server and the other serial port as a Tunnel Client).

• Virtual Modem—The Virtual Modem (Vmodem) profile configures a serial port to simulate a modem. When the serial device connected to the IOLAN initiates a modem connection, the IOLAN starts up a TCP connection to another IOLAN configured with a Virtual Modem serial port or to a host running a TCP application.

• Control Signal I/O—The Control Signal I/O profile enables the use of the EIA-232 serial port signal pins to be used as assigned Digital Inputs or Digital Outputs.
• Modbus Gateway—The Modbus Gateway profile configures a serial port to act as a Modbus Master Gateway or a Modbus Slave Gateway.
• Power Management—The Power Management profile configures a serial port to communicate with a Remote Power Switch's (RPS) administration port. This allows network access to the RPS and permits access to statistics and control of the RPS's power plugs.
• Remote Access (PPP)—The Remote Access (PPP) profile configures a serial port to allow a remote user to establish a PPP connection to the IOLAN's serial port. This is typically used with a modem for dial-in or dial-out access to the network.
• Remote Access (SLIP)—The Remote Access (SLIP) profile configures a serial port to allow a remote user to establish a SLIP connection to the IOLAN's serial port. This is typically used with a modem for dial-in or dial-out access to the network.
• Custom Application/Plugin—The Custom Application/Plugin profile configures a serial port to run a custom application or IOLAN plugin. After you download the custom application files and specify the application name and any parameters you want to pass to it, the IOLAN will execute the application when the serial port is started.

Each serial port profile contains all the parameters that are required to completely configure the serial port scenario represented by the profile.

To select a serial port profile in the DeviceManager, connect through the DeviceManager to the IOLAN you are configuring and select Serial, Serial Ports in the navigation pane. Highlight the serial port you want to configure and then click Edit.

When the default serial port profile Terminal displays, click the Change Profile button and select the appropriate profile for the serial port. See Chapter E, Configuring Serial Ports for more information on the serial port profiles and their configuration parameters.

Setting Up Users

When you have a user who is accessing a device connected to a serial port from the network or who is accessing the network from a device connected to a serial port through the IOLAN, you can create a user account and configure the user's access privileges. Notice that there is a Default user; the Default user's parameters are inherited by users logging into the IOLAN who are being authenticated by an external authentication method (see Authentication for more information) or are accessing the IOLAN as a Guest (see Local for more information).

To add a user account, click on the Users page in the navigation pane.

Click the Add button to create a user account.

To quickly add a user, fill out the field in the General tab and click OK.

See Chapter 7, Configuring Users for more information about the other user parameters you can configure.

Using DeviceManager and WebManager

Introduction

The DeviceManager and WebManager IOLAN managers have been designed to be very similar to use. DeviceManager is a Windows ^® -based application and WebManager is a browser-based application. Both options use the IOLAN's IP address to access the IOLAN; the DeviceManager can be used to assign an IP address to a new IOLAN and the WebManager requires that the IOLAN already have an IP address before it can be used to configure the IOLAN.

When using WebManager, you are required to click the Apply button each time you make a change to a configuration window/tab. In DeviceManager, you must download your configuration changes to the IOLAN either periodically or after you are done with the configuration changes. From both managers you must reboot the IOLAN in order for you configuration changes to take effect.

Navigating DeviceManager/WebManager

The DeviceManager and WebManager have very similar navigation methods. The left-hand side of the manager is the navigation tree and the center is the configuration area. The DeviceManager has menu and quick access buttons, whereas the WebManager has system information and some navigation options on the far right-hand side.

DeviceManager

The DeviceManager has a navigation tree that you can use to access the available Configuration and Statistics pages in the display area. When you select an option in the navigation tree, you can often navigate the tabs or buttons in the display area to access the various configuration and statistics options. See Using DeviceManager for more information on how to navigate the pages of DeviceManager.

WebManager

The WebManager uses a expandable/collapsible buttons with folders and pages for the navigation tree. You can expand the buttons to view the folders and pages to see the available configuration options. When you access a configuration page, you can often navigate the tabs in the configuration area to access all of the configuration options.

EasyPort Web

WebManager also launches EasyPort Web, which is a browser-based management tool that can be used to manage clustered IOLANs, Remote Power Switches (RPSs), power plugs, and I/O channels (available only when an I/O model is accessed). EasyPort Web can also be launched by any user who can connect to the IOLAN through a web browser.

Using DeviceManager to Connect to the IOLAN

DeviceManager can connect to existing IOLANs or assign an IP address to a new IOLAN. Whenever you connect to the IOLAN through the DeviceManager, you connect as the admin user and must supply the password for the admin user.

Starting a New Session

To start a new session and connect to the IOLAN using the DeviceManager:

1. Start the DeviceManager by selecting Start, All Programs, Perle, DeviceManager, DeviceManager.

2. When the DeviceManager starts, it searches the network for IOLANs.

If you are not seeing IPv6 addresses in the list (you must expand the entry), see IPv6 Issues to find out how to install IPv6 support.

If your IOLAN is not in the local network and you do not have a multicast enabled router in your network and therefore is not displayed in the selectable list, but can be pinged from your PC, you can add it to the selectable list by clicking the Add button.

Click the Add button and type in the IOLAN's IP address; this field supports IPv4 and IPv6 addresses. Click the Close button when you have completed adding all the manual entries. Select the manually added server to connect to it.

Assigning a Temporary IP Address to a New IOLAN

You can temporarily assign an IP address to the IOLAN that is connected to your local network segment, for the purpose of connecting to it and downloading a configuration file (containing a permanent IP address). To temporarily assign an IP address to the IOLAN, do the following:

1. Click the Refresh button. The IOLAN will be displayed in the IP Address column as Not Configured.

2. Select the new IOLAN and click the Assign IP button. The following window is displayed:

Version 3.1 or lower

Version 3.2 or higher

1. Type a valid temporary IP address into the address field or, in version 3.2 or higher, enable the Have the IOLAN automatically get a temporary IP address. If you enable the temporary IP address, the IOLAN will enable DHCP/BOOTP on your IOLAN and attempt to get an IP address from the DHCP/BOOTP server (this will permanently enable DHCP/BOOTP in your IOLAN's configuration, until you change it). If your network does not have a DHCP/BOOTP server, the IOLAN will temporarily assign an IP address in the range of 169.254.0.1-169.254.255.255 (this IP address is only assigned for the duration of the DeviceManager/IOLAN connection).

2. Click the Assign IP button.

3. Double-click the IOLAN in the IOLAN List. If this is the first time you are accessing the IOLAN, type in the factory default admin password, superuser, and click OK. The DeviceManager will display a window indicating that it is trying to authenticate and connect you on the IOLAN.

4. If the authentication and connection are successful, the Server Info window is displayed. You are now ready to configure the IOLAN. If authentication was unsuccessful, try to connect to the IOLAN again; you probably mistyped the password for the admin user.

For more information about managing the IOLAN, see Configuration Files.

Adding/Deleting IOLANs Manually

To permanently add/delete the IOLAN to/from the IOLAN List, click the Add button. The following window is displayed:

To permanently add the IOLAN to the IOLAN list, click the Add button and type in the IPv4 or IPv6 address of the IOLAN. To permanently delete the IOLAN from the IOLAN list, select the IOLAN's IP address and click the Delete button.

Logging in to the IOLAN

To log in to the IOLAN, double-click on the IOLAN in the Device Server List. You will be prompted for the admin Password (the default is superuser).

If the authentication and connection are successful, the IOLAN's Server Info window is displayed. If you cannot connect to the IOLAN, you can highlight the IOLAN and click the Ping button to verify that the DeviceManager can communicate with the IOLAN's IP Address. If the ping times out, then you might need to set up a Gateway in your IOLAN or verify that your network is communicating correctly.

Using WebManager to Connect to the IOLAN

WebManager can connect to IOLANs that already have an assigned IP address or wirelessly to an IOLAN SDS W. See the WLAN section in this guide for configuration options for Client or Soft AP mode.

To connect to the IOLAN, type the IP address of the IOLAN into the Address field as such: http://10.10.234.34.

You will see the login screen.

Logging into the IOLAN

Type in the admin password in the Password field and click the Login button. A user who does not have admin privileges can access EasyPort Web to access clustered serial ports, Perle Remote Power Switches (RPS), and/or RPS plugs (must already be configured on this IOLAN) by typing their user name and password on the login screen.

Configuration Files

Creating a New IOLAN Configuration in DeviceManager

In DeviceManager, when you select File, New, the New Configuration window is displayed.

Select the IOLAN model for which you want to create a new configuration file. Any configuration file created in this manner can only be save locally. To download a created configuration file, you must first connect to the IOLAN, import the created configuration file into DeviceManager (this is not available in WebManager), and then download the configuration file to the IOLAN and reboot it. Opening an Existing Configuration File

If you select the File, Open, a browse window is opened so you can select the configuration file you want to edit. IOLAN configuration files saved in the DeviceManager can be in the IOLAN-native binary format (.dme) or as a text file (.txt), which can be edited with a text editor. Either configuration version can be imported into the DeviceManager. IOLAN configuration files saved from WebManager can also be opened into DeviceManager.

Importing an Existing Configuration File

If you have a local, saved configuration file that you want to download to the IOLAN, you must first connect to the IOLAN that you want to download the configuration file to. Once you have successfully logged into the IOLAN, in DeviceManager select Tools, Import Configuration from a File and in WebManager select Administration, Restore/Backup. You need to download the file in DeviceManager and in both managers you need to reboot the IOLAN.

Managing the IOLAN

Most of the management tasks, such as setting the time/date, downloading keys/certificates, downloading firmware, downloading custom files, resetting serial ports, etc., are found under the Tools menu option in the DeviceManager and under Administration in WebManager.

Network Settings

Introduction

The Network section is used to configure the parameters that identify the IOLAN within the network and how the IOLAN accesses hosts on the network. The following configuration windows are available:

- IP Settings—This window configures the IOLAN's name, IP address, and Ethernet information. See Introduction for more information.

- Advanced—This window configures hosts that the IOLAN will be communicating with, routes, DNS/WINS servers, RIP, Dynamic DNS, and IPv6 Tunnels. IP Settings

IPv4 Settings

Overview

The parameters in IPv4 settings are used to access the IOLAN and how the IOLAN accesses the network.

Field Descriptions

Configure the following parameters:

IPv6 Settings

Overview

Configure IPv6 settings when the IOLAN resides in an IPv6 network.

Field Descriptions

Configure the appropriate parameters:

Obtain IPv6 When enabled, you can configure the IOLAN to obtain the IPv6 address(es) Address(es) using using IPv6 Autoconfiguration or a DHCPv6 server.

Default: Enabled

IPv6 Autoconfiguration When enabled, the IOLAN will send out a Router Solicitation message. If a Router Advertisement message is received, the IOLAN will configure the IPv6 address(es) and configuration parameters based on the information contained in the advertisement. If no Router Advertisement message is received, the IOLAN will attempt to connect to a DHCPv6 server to obtain IPv6 addresses and other configuration parameters.

Default: Enabled

DHCPv6 When enabled, requests IPv6 address(es) and configuration information from the DHCPv6 server.

Default: Disabled

Custom IPv6 Displays the list of custom configured IPv6 addresses.

Address List

Add Button Adds a custom IPv6 address.

Edit Button Edits an existing IPv6 address.

Delete Button Deletes an IPv6 address from the Custom IPv6 address list.

Default Gateway Specify the gateway IP address that will provide general access beyond the local network.

Field Format: IPv6 address

Adding/Editing a Custom IPv6 Address

You can manually add one of the following:

- The IPv6 network prefix (and the IOLAN will determine an IPv6 address based on the network prefix and the IOLAN MAC address).

• The complete IPv6 address.

Configure the following parameters:

Create a unique When enabled, the IOLAN will derive an IPv6 address from the entered IPv6 address on the network prefix and the IOLAN's MAC address. network Default: Enabled

Network Prefix Specify the IPv6 network prefix. The IOLAN will derive the complete IPv6 address from the entered network prefix and the IOLAN's MAC address. Default: Enabled

Network Prefix Specify the network prefix bits for the IPv6 address. IPv6 Prefix Bits Range: 0-64 Default: 64

Use the following IPv6 address Enable this option when you want to enter a specific IPv6 address. Default: Disabled

IPv6 Address Specify the complete IPv6 address. Field Format: IPv6 address

IPv6 Address IPv6 Specify the network prefix bits for the IPv6 address. Prefix Bits Range: 0-128 Default: 64

Advanced

Overview

The Advanced tab configures DNS update, MTU size, IPv6 Advertising Router settings, and the Ethernet interface parameters.

Configure the parameters in the Advanced tab only if:

• you have already set up Dynamic DNS with DynDNS.com
• you want to specify the line speed and duplex for your Ethernet interface
• if you want the IOLAN to act as an IPv6 Advertising Router

Field Descriptions

Configure the appropriate parameters:

Register Address in DNS When this parameter is set, the Terminal Server will provide the DHCP/DHCPv6 server with a fully qualified domain name (FQDN), so that the DHCP/DHCPv6 server can update the network's DNS server with the newly assigned IP address. Default: Disabled

WLAN

Overview

The IOLAN can operate in two wireless modes.

• Client Mode
  Soft-AP Mode

Client Mode

In Client mode the IOLAN can connect wirelessly to an Access Point (AP) wireless network. The IOLAN is preconfigure to run in Client mode. The IOLAN supports up to 8 client profiles for connecting to different Access Points (AP's).

IOLAN in Client Mode

graph TD
    A["Wireless Device"] --> B["Access Point"]
    B --> C["IOLAN Client Mode"]
    C --> D["Serial Devices"]
    D --> E["Server"]
    C --> F["Server"]
    style A fill:#f9f,stroke:#333
    style B fill:#bbf,stroke:#333
    style C fill:#dfd,stroke:#333
    style D fill:#dfd,stroke:#333
    style E fill:#dfd,stroke:#333
    style F fill:#dfd,stroke:#333

Soft-AP Mode

In Soft-AP Mode, the IOLAN acts as an Access Point for wireless clients. Up to 6 wireless clients can connect to the IOLAN.

IOLAN in Soft-AP Mode

graph TD
    A["Wireless Devices"] --> B["Wireless Network"]
    C["Wireless Devices"] --> B
    D["Serial Devices"] --> E["Access Point"]
    F["IOLAN Soft-AP Mode"] --> E
    E --> G["Server"]
    E --> H["Printer"]
    style A fill:#f9f,stroke:#333
    style C fill:#f9f,stroke:#333
    style D fill:#f9f,stroke:#333
    style F fill:#f9f,stroke:#333
    style E fill:#ccf,stroke:#333

Back to Back IOLANs

In Back to Back Mode, one IOLAN is configured in Soft-AP Mode (AP) and the second IOLAN is configured in Client Mode.

Back to Back IOLANs (one in Soft-AP Mode and the other in Client Mode)

graph TD
    A["Wireless Devices"] --> B["Access Point"]
    C["Wireless Network"] --> D["IOLAN Soft-AP Mode"]
    D --> E["Serial Devices"]
    E --> F["IOLAN Client Mode"]
    F --> G["Server"]
    F --> H["Printer"]
    style A fill:#f9f,stroke:#333
    style C fill:#f9f,stroke:#333
    style D fill:#ccf,stroke:#333
    style E fill:#cfc,stroke:#333
    style F fill:#fcc,stroke:#333
    style G fill:#cff,stroke:#333
    style H fill:#ffc,stroke:#333

Note: The WLAN network can be disabled

WLAN Global Settings

Selecting the WLAN tab will allow you to:

• set the WLAN parameters
- add/edit and delete profiles
- configure Soft-AP mode

Region Select your wireless region.

Values: eu, japan, us-canada

Default: us-canada

Mode Specify the mode of operation for the IOLAN's WLAN operation.

Client: The IOLAN's wireless interface is used to connect to an AP (Access Point).

Soft-AP: The IOLAN's wireless interface acts as an AP (Access Point) allowing wireless clients to connect.

Disabled: The IOLAN's wireless capabilities are disabled. When disabled, the external WPS button will have no effect on the mode of the IOLAN.

Default: Client

Radio Band The IOLAN can operate over 2.4GHz or 5GHz. To support connections to one or the other bands use 2.4+5.

Values: 2.4, 5, 2.4+5

Default: 2.4+5 (dual-band)

WPS Enabled (in client mode) By default WPS (Wireless Protected Setup) mode is enabled to allow the IOLAN to easily connect to any routers/Access Points that are in supported WPS mode. In WPS mode, the IOLAN will scan (120 seconds) all networks to find the closest AP that is currently in WPS mode. The IOLAN will exchange credentials with that AP and then create an internal wireless profile (association) and will then exit WPS mode.

Values: on or off

Default: on

WPS Enabled (in Soft-AP mode) The WPS button can be used in Soft-AP mode to facilitate the connection of wireless clients.

Passive Scan Only In passive scan mode the IOLAN will scan all channels and listen for beacons being sent by the AP's on these channels. In active scan mode, the IOLAN actively seeks out AP's by sending out probes on these channels to accelerate their discovery. Active scan mode can be disabled by setting the Passive Scanning Only Mode to On.

Values: on or off

Default: off

Roaming Enabled This setting allows you to roam (reconnect) to a different wireless router/AP (with the same SSID) if there is a significant difference in the signal strength.

Values: on or off

Default: on

Roaming Decision When roaming, the IOLAN will be constantly scanning in the background to determine if there is a better AP to connect to within the ESSID network. Since this background scanning can have an effect on performance, it will normally do slow scans when the signal is strong and faster scans when the signal is weaker.

Values: Balanced, Optimize Bandwidth, Optimize Distance

Default: Balanced

Out of Range Scan Specify the out of range scan interval for fast roaming scans.

Values: 0-65535 seconds

Default: 30 seconds

In Range Scan Specify the in range scan interval for slow roaming scans.

Values: 0-65535 seconds

Default: 300 seconds

Antenna Rx Diversity/MRC

The IOLAN uses these techniques to optimize receive signals on it's wireless antennas. (4 port units only)

2.4-GHz supports MRC (Maximal-Ratio Combining)

5-GHz supports Diversity Capable

Default: on

WLAN Profiles

Overview

A WLAN profile defines all the settings necessary to establish a wireless connection with an Access Point. You can defined up to 8 client profiles on the IOALN. Associations with AP's in WPS mode will be automatically added by the IOLAN as a profile (priority 1).

Enabled

Only enabled profiles will be considered for association with AP's

Values: off or on

Default: on

Add/Edit/Delete

Select button to add/delete or edit profiles.

Add/Edit/Delete

Security/ Encryption

Soft-AP Mode

Overview

Configure the appropriate parameters:

Advanced

Host Table

Overview

The Host table contains the list of hosts that will be accessed by an IP address or Fully Qualified Domain Name (FQDN) from the IOLAN. This table will contain a symbolic name for the host as well as its IP address or FQDN. When a host entry is required elsewhere in the configuration, the symbolic name will be used.

Functionality

You can configure up to 50 hosts using IPv4 or IPv6 internet addresses on desktop IOLAN models; you can configure up to 100 hosts on rack mount and medical unit IOLAN models.

Field Descriptions

Configure the appropriate parameters:

Add Button

Adds a host to the host table.

Edit Button

Changes a host that already exists in the host table.

Delete Button

Deletes a host from the host table

Adding/Editing a Host

Configure the appropriate parameters:

Host Name The name of the host. This is used only for the IOLAN configuration.

Field Format: Up to 14 characters, no spaces.

IP Address The host's IP address.

Field Format: IPv4 or IPv6 address

Fully Qualified Domain Name When you have DNS defined in the IOLAN, you can enter a DNS resolvable fully qualified domain name (note: FQDN's are excluded as accessible hosts when IP Filtering is enabled).

Field Format: Maximum 254 alphanumeric characters

IP Filtering

Overview

The IP Filtering Host table allows you to configure:

• any host to connect to the IOLAN
• only hosts as defined in the Host Table and/or
• specify up to 6 IP address ranges

Functionality

You can specify up to 6 IP traffic to/from address ranges.

Field Descriptions

Configure the appropriate parameters

IP Filtering Data Options:

Allow all traffic - Allows any host to connect to the IOLAN.

Default: Allow all ranges

IP Filtering on Host Data Options:

Table

Allow only defined traffic to/from hosts defined with IP addresses - a security feature that when enabled, the IOLAN will only accept data from or send data to hosts configured in the IOLAN's Host Table.

IP Filtering on

Data Options:

Address Ranges

Allow traffic to/from address range - a security feature that when enabled, the IOLAN will only accept data from or send data to hosts configured within these IPv4 address ranges.

Route List

Overview

Entering routes in the routing list enables the identification of gateways to be used for accessing specific hosts or external networks from the IOLAN's local network.

Functionality

There are three types of routes:

• Default—A route that provides general access beyond your local network.
• Host—A route defined for accessing a specific host external to your local network.
  • Network—A route defined for accessing a specific network external to your local network.

You can specify up to 20 routes on desktop IOLAN models; you can specify up to 49 routes on rack mount and medical unit IOLAN models.

Two types or gateways (method of accessing specific hosts or external networks) can be configured:

• Host—Specify a specify host that will provide access to the route destination.
• Interface—Specify the IPv6 tunnel, Remote Access (PPP)-defined serial port, or Remote Access (SLIP)-defined serial port that will provide access to the route destination.

Field Descriptions

The following buttons are available on this window:

Add Button

Adds a route to the Route List.

Edit Button

Changes an existing route in the Route List.

Delete Button

Deletes a route from the Route List.

Adding/Editing Routes

From the Route List tab, if you click the Add or Edit button, you will be able to add a new or edit an existing route.

Configure the appropriate parameters:

Type Specify the type of route you want to configure.

Data Options:

• Host—A route defined for accessing a specific host external to your local network.
• Network—A route defined for accessing a specific network external to your local network.
• Default—A route which provides general access beyond your local network.

Default: Default

IP Address

When the route Type is defined as Host, this field will contain the IP address of the host. If the route Type is defined as Network, the network portion of the IP address must be specified and the Host port of the address will be set to 0. Example: to access network 10.10.20, the address 10.10.20.0 would be specified in this field.

Format: IPv4 or IPv6 address

IPv4 Subnet Mask

When the route is a Network route, you must specify the network's subnet mask.

IPv6 Prefix Bits

If the IP address is IPv6, then you must specify the network's prefix bits.

Range: 0-128

Host Select this option when a host is being used at the route gateway.

Default: Enabled, None

Interface

The Interface list is comprised of configured IPv6 tunnels and serial ports defined for Remote Access (PPP) and Remote Access (SLIP) profiles. Select this option when you want to use the specified interface as the gateway to the destination.

Field Option(s): IPv6 tunnels, Remote Access (PPP) and Remote Access (SLIP) serial ports

Default: Disabled

DNS/WINS

Overview

You can configure WINS servers for PPP-client name resolution and DNS servers for PPP-client name resolution and IOLAN host name resolution (for example, when specifying Bootup file).

Functionality

You can configure up to four DNS and four WINS servers. If you specified a DNS and/or WINS server on the Network, IP Settings tabs (either IPv4 or IPv6), it will be automatically entered into the appropriate list. If the DNS and/or WINS server is provided by a DHCP server, these will NOT be viewable in the list, however, you can add DNS and/or WINS servers to supplement the DHCP supplied server.

Field Descriptions

The following buttons are available on this window:

Add DNS Button Adds a DNS server.

Edit DNS Button Edits an existing DNS server.

Delete DNS Button Deletes a DNS server.

Add WINS Button Adds a WINS server.

Edit WINS Button Edits an existing WINS server.

Delete WINS Deletes a WINS server. Button

Editing/Adding DNS/WINS Servers

Configure the parameter:

DNS IP Address

You can configure up to four DNS servers.

Field Format: IPv4 or IPv6 address

WINS IP Address

You can configure up to four WINS servers.

Field Format: IPv4 address

RIP

Overview

The Routing Information Protocol (RIP) is a routing protocol used with almost every TCP/IP implementation. Its function is to pass routing information from a router or gateway to a neighboring router(s) or gateway(s). RIP messages contain information about destinations which can be reached and the number of hops which are required. The hop-count is the basic metric of RIP and so RIP is referred to as a “distance vector protocol”. RIP messages are carried in UDP datagrams.

Functionality

You can configure RIP to selectively advertise networks remotely connected via a SLIP/PPP link on the Ethernet connection, and pass RIP routing information to remotely connected clients. As this can be undesirable in some environments, this behavior can be configured and is defaulted to the non-routing behavior.

Transmission and reception of Routing Information Protocol (RIP) packets over PPP and SLIP connections can be configured on a per user basis or on a per serial port basis.

The Routing parameter can be configured:

• On the Advanced tab for Remote Access (PPP) and Remote Access (SLIP) profiles configured for a serial port to determine the exchange of RIP packets between the IOLAN and remotely connected users connected from the serial side.
• On the Services tab for each local user to determine the exchange of RIP packets between the IOLAN and remotely connected users connected from the serial side.
• By the RADIUS server for users authenticated by RADIUS, the RADIUS-defined Framed-Routing parameter determines the exchange of RIP packets.

There are four options for setting the Routing parameters:

• None—Routing information is not exchanged across the link. This is the default setting for a line and a locally defined user.
• Send—Routing information is only transmitted to the remote user.
• Listen—Routing information is only received from the remote user.
• Send and Listen—Routing information is transmitted to and received from the remote user.

The local User Routing parameter or RADIUS Framed-Routing parameter, if set, override the serial port Routing parameter for a connection.

Field Descriptions

Configure the appropriate parameters:

Ethernet Mode Enable/disable RIP (Routing Information Protocol) mode for the Ethernet interface.

Data Options:

• None—Disables RIP over the Ethernet interface.
- Send—Sends RIP over the Ethernet interface.
- Listen—Listens for RIP over the Ethernet interface.
- Send and Listen—Sends RIP and listens for RIP over the Ethernet interface.

Default: None

Authentication Specify the type of RIP authentication.

Method

Data Options:

• None—No authentication for RIP.
- Password—Simple RIP password authentication.
• MD5—Use MD5 RIP authentication.

Default: None

Password Specify the password that allows the router tables to be updated.

Confirm Password Retype in the password to verify that you typed in it correctly.

ID

The MD5 identification key.

Start Date The start date that the MD5 key becomes valid. The date format is dependent on your system's settings.

Start Time The time that the MD5 key becomes valid. The time format is dependent on your system's settings.

End Date

The last day that the MD5 key is valid. The date format is dependent on your system's settings.

End Time The time that the MD5 key becomes invalid. The time format is dependent on your system's settings.

Key The MD5 key that is being used by your routers.

Confirm Key

Retype the MD5 key that is being used by your routers to verify that it was typed correctly.

Dynamic DNS

Overview

Dynamic DNS Service providers enable users to access a server connected to the internet that has been assigned a dynamic IP address. The IOLAN product line has built-in support for the DynDNS.com service provider. Refer to www.DynDNS.com for information on setting up an account.

Functionality

When the IOLAN is assigned a dynamic IP address, it will inform the DynDNS.com service provider of its new IP address. Users can then use DynDNS.com as a DNS service to get the IP address of the IOLAN. In order to take advantage of this service, the following steps need to be taken.

1. Create an account with DynDNS.com and configure the name your IOLAN will be known by on the internet (the Host name). For example, create a host name such as yourcompanySCS.DynDNS.org.
2. Enable the Network Dynamic DNS feature and configure the IOLAN's dynamic DNS parameters to match the Host's configuration on the DynDNS.com server. Every time the IOLAN gets assigned a new IP address, it will update DynDNS.com with the new IP address.
3. Users accessing the IOLAN via the internet can now access it via its fully qualified host name. For example, telnet yourcompanySCS.DynDNS.org.

Field Descriptions

Configure the appropriate parameters:

Enable Dynamic DNS for the system

Enables/disables the dynamic DNS feature. When Dynamic DNS is enabled, the IOLAN will automatically update its IP address with DynDNS.org if it changes.

Default: Disabled

Host

Specify the registered hostname with DynDNS.org that will be updated with the IOLAN's IP address should it change. Put in the full name; for example, mydeviceserver.dyndns.org.

User Name Specify the user name used to access the account set up on the DynDNS.org server.

Password Specify the password used to access the account set up on the DynDNS.org server.

Account Settings Button Click this button to configure the Dynamic DNS DynDNS.org account information.

Account Settings

Enter the information about your DynDNS.com account so the IOLAN can communicate IP address updates. These settings are global and apply to all Dynamic DNS settings.

Configure the appropriate parameters:

System Type Specify how your account IP address schema was set up with DynDNS.org. Refer to www.DynDNS.org for information about this parameter.

Data Options: Dynamic, Static, Custom

Default: Dynamic

Wildcard Adds an alias to *.yourcompanySCS.dyndns.org pointing to the same IP address as entered for yourcompanySCS.dyndns.org.

Connection Method Specify how the IOLAN is going to connect to the DynDNS.org server.

Data Options:

• HTTP
• HTTP through Port 8245
• HTTPS—for a secure connection to the DynDNS server

Default: Disabled

Cipher Suite Button Launches the cipher information window so you can specify the type of encryption that will be used for data that is transferred between the DynDNS.org server and the IOLAN.

See Cipher Suite Field Descriptions for more information.

Validate Peer Certificate

Enables/disables peer validation between the DynDNS.org server and the IOLAN. This may be desirable, since the DynDNS user name and password are sent from the Terminal Server to the DynDNS server when the IP address needs to be updated and when an account refresh is performed. Account refreshes are done periodically to ensure that DynDNS accounts do not auto-delete should the IP address change infrequently. This parameter will only take effect if HTTPS is selected as the connection method.

Default: Disabled

Validation Criteria Button

Launches the peer validation criteria window so you can specify the information used to validate the connection between the DynDNS.org server and the IOLAN.

See Validation Criteria Field Descriptions for more information.

Cipher Suite Field Descriptions

Some combinations of cipher groups may not be available on some firmware versions.

The SSL/TLS cipher suite is used to encrypt data between the IOLAN and the client. You can specify up to five cipher groups.

The following buttons are available:

Add Button Adds a cipher to the cipher list.

Edit Button Edits a cipher in the cipher list.

Delete Button Deletes a cipher from the cipher list.

Move Up Button Moves a cipher up in preference in the cipher list.

Move Down Button Moves a cipher down in preference in the cipher list.

Adding/Editing a Cipher Suite

To see a list of valid cipher suite combinations, see Appendix B, SSL/TLS Ciphers.

Configure the following parameters:

Key Exchange

The type of key to exchange for the encryption format.

Data Options:

• Any—Any key exchange that is valid is used (this does not, however, include ADH keys).
  • RSA—This is an RSA key exchange using an RSA key and certificate.
• EDH-RSA—This is an EDH key exchange using an RSA key and certificate.
• EDH-DSS—This is an EDH key exchange using a DSA key and certificate.
• ADH—This is an anonymous key exchange which does not require a private key or certificate. Choose this key if you do not want to authenticate the peer device, but you want the data encrypted on the SSL/TLS connection.
• ECDH-ECDSA—This is an ECDH key exchange using a ECDSA key and certificate.

Default: Any

HMAC

Select the key-hashing for message authentication method for your encryption type.

Data Options:

Any
MD5
SHA1
SHA256
SHA384

Default: Any

Validation Criteria Field Descriptions

If you choose to configure validation criteria, the information in the peer SSL/TLS certificate must match exactly the information configured in this window in order to pass peer authentication and create a valid SSL/TLS connection.

Configure the following parameters:

Country

A country code; for example, US. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

Data Options: Two characters

IPv6 Tunnels

Overview

IPv6 tunnels transport IPv6 data packets from one IPv6 network to another IPv6 network over an IPv4 network. In addition to creating the IPv6 tunnel, you must also create the route that will transport the data packets through the IPv4 network in the Route List (see Route List for more information).

Field Descriptions

The following buttons are available:

Add Button Adds an IPv6 tunnel.

Edit Button Edits an existing IPv6 tunnel.

Delete Button

Deletes an IPv6 tunnel. If a tunnel is associated with a route, it cannot be deleted until the route is either changed or deleted.

Adding/Editing an IPv6 Tunnel

When you add/edit an IPv6 tunnel, you are determining how an IPv6 message will reach an IPv6 device through an IPv4 network.

Configure the following parameters:

Name

The name of the IPv6 tunnel.

Field Format: Maximum 16 alphanumeric characters

Default: ipv6_tunnel1

Mode

The method or protocol that is used to create the IPv6 tunnel.

• Manual—When enabled, the IOLAN will manually create the IPv6 tunnel to the specified Remote Host through the specified Interface.
• 6to4—When enabled, the IOLAN will broadcast to the multicast address 192.88.99.1 through the specified Interface. When the closest 6to4 router responds, it will create the IPv6 tunnel, encapsulating and decapsulating IPv6 traffic sent to and from the IOLAN.
• Teredo—When enabled, the Teredo protocol encapsulates the IPv6 packet as an IPv4 UDP message, allowing it to pass through most network address translator (NAT) boxes and create an IPv6 tunnel to the specified Remote Host (a Teredo server) through the specified Interface.

Default: Manual

Remote Host

The IPv4 host that can access the IPv6 network when the Mode is Manual.

The Teredo server when the Mode is Teredo.

Default: None

Interface

The interface that the IOLAN is going to use to access the Remote Host. The list is comprised of the Ethernet interface(s) and serial ports configured for the Remote Access (PPP) or Remote Access (SLIP) profiles.

Default: Ethernet 1

Configuring Users

Introduction

You can configure up to four users in the IOLAN's local user database for all DS, SDS, and STS 1-port to 4-port desktop models, in addition to the admin user. You can configure up to 48 users in the IOLAN's local user database for all STS, SCS, and SDS rack mount models and all MDC medical unit models, in addition to the admin user. A user can even represent a device, like a barcode reader or a card swipe device, that you want to be authenticated.

When users are connecting to the IOLAN via serial ports, the user database can be used to:

• Have the user authenticated prior to establishing a connection to a network host.
• Establish a different connection type to the host specific to each user.
  • Create a profile different from the Default user profile.

When users are connecting to the IOLAN from a network connection, the user database can be used to:

• Provide authentication on the IOLAN prior to establishing a serial connection via PPP or SLIP.
• Authenticate users prior to providing access to a serially attached console port (such as a Unix server or router).

You do not need user accounts for users who are externally authenticated.

User Settings

Overview

The Users window allows you to add, edit, and delete users from the IOLAN.

Functionality

The Users window displays the users who have been configured. You can add users, edit existing users, or delete users from this window. You cannot delete the pre configured admin user. See Adding/Editing Users for information on the parameters available when adding or editing a user.

Adding/Editing Users

General Tab

Overview

The General tab configures the basic user information.

Functionality

You must, minimally, provide a User Name and Level for a user.

Field Descriptions

Configure the following parameters:

User Name The name of the user.

Restrictions: Do not use spaces.

Password The password the user will need to enter to login to the IOLAN.

Confirm Password Enter the user's password again to verify it is entered correctly.

Level

The access that a user is allowed.

Data Options:

• Admin—The admin level user has total access to the IOLAN. You can create more than one admin user account but we recommend that you only have one. They can monitor and configure the IOLAN. Users configured with this level can access the unit either via serial Terminal Profile connection or via a network originated Telnet or SSH connection to the IOLAN.
• Normal—The Normal level user has limited access to the IOLAN. Limited CLI commands and Menu access are available with the ability to configure the user's own configuration settings. Users configured with this level can access the unit either via serial Terminal Profile connection or via a network originated Telnet or SSH connection to the IOLAN.
• Restricted—The Restricted level user can only access predefined sessions or access the Easy Port Access menu. Users configured with this level will be restricted to pre-defined sessions or limited CLI commands when connecting through the serial port via the Terminal Profile. The CLI commands are limited to those used for initiating a session. If connection to the IOLAN is done with Telnet or SSH from the network, the user will be presented with the Easy Port Access menu.
• Menu—The menu level user will only be able to access predefined session when connecting through a serial port with the Terminal profile or will be limited to the Easy Port Access menu when connecting from the network. The Easy Port Access allows the user to connect to the accessible line without disconnecting their initial connection to the IOLAN. Does not have any access to CLI commands.

When the admin user logs into the IOLAN, the prompt ends with a #, whereas all other users' prompts ends with a \$ or £, depending on the character set.

Default: Normal

A technique for giving a serially attach user (dial-in or terminal attached), the same menus as one that is network connected is to do the following:

1. Define the serial port with a Terminal Profile using telnet protocol with a direct connection to Host IP address 127.0.0.0 (local loop back).
2. When the user connects to that serial port a Telnet session will be established to the IOLAN and the user will appear to have connected from the network.

Services Tab

Overview

The Services tab configures the connection parameters for a user. Any connection parameters configured in this window will override the serial port connection parameters.

Functionality

When a Terminal profile is set for the serial port and Require Login has been selected, user's accessing the IOLAN through the serial port will be authenticated. Once authentication is successful, the Service specified here is started. For example, if the Service Telnet is specified, the IOLAN will start a Telnet connection to the specified Host IP/TCP Port after the user is successfully authenticated (logs in successfully).

Within the Terminal profile, there are a number of settings that apply to possible Services. Once it is known which user is connected, and which service is to be used, then the settings from both the Terminal profile and the user are used. User parameters take precedence over serial port parameters.

Field Descriptions

Configure the following parameters:

Service

Used in conjunction with the Terminal Profile. After the user has successfully been authenticated, the specified service is started.

Data Options: DSPrompt, Telnet, SSH, RLogin, SLIP, PPP, TCP Raw, SSL Raw

Default: DSPrompt

Host IP

When the User Service is set to Telnet or TCP Clear, the target host IP address. If no IP address is specified, the Host IP value in the Default User configuration will be used.

Default: None

TCP Port

When the User Service is Telnet, this is the target port number. The default value will change based on the type of Service selected; the most common known port numbers are used as the default values.

IPv4 Address

Used for User Service PPP or SLIP, sets the IP address of the remote user. Enter the address in dot decimal notation as follows:

• n.n.n.n—(where n is a number) Enter the IP address of your choice. This IP address will then be used in preference to the Remote IP Address set for a line.
  The following IP addresses have a special meaning:
• 255.255.255.254—The IOLAN will use the Remote IP Address set in the PPP settings for the serial port that this user is connecting to.
• 255.255.255.255—When the User Service is PPP, the IOLAN will allow the remote machine to specify its IP address (overriding the IP address negotiation value configured in the PPP settings).
• 255.255.255.255—When the User Service is SLIP, the IOLAN will use the Remote IP Address set for the line (no negotiation).

Default: 255.255.255.254

IPv4 Subnet Mask

If the remote user is on a subnet, enter the network's subnet mask. For example, a subnet mask of 255.255.0.0.

IPv6 Interface Indentifier

Used for User Service PPP, sets the IPv6 address of the remote user. Enter the address in IPv6 format.

Field Format: The first 64 bits of the Interface Identifier must be zero, therefore, ::abcd:abcd:abcd:abcd is the expected format.

MTU

Used for User Service PPP or SLIP, specifies the maximum size of packets, in bytes, being transferred across the link. On noisy links it might be preferable to fragment large packets being transferred over the link, since there will a be quicker recovery from errors.

Data Options:

• PPP—MTU will be the maximum size of packets that the IOLAN will negotiate for this port. This value is negotiated between the two ends of the link.
• SLIP—MTU will be the maximum size of packets being sent by the IOLAN.

The User MTU value will override the MTU/MRU values set for a Serial Port.

Range: PPP: 64-1500 bytes, SLIP: 256-1006 bytes

Default: PPP is 1500 bytes, SLIP is 256 bytes

Routing

Determines the routing mode used for RIP packets on the PPP and SLIP interfaces. Values are:

• None—RIP packets are neither received nor sent by the IOLAN.
• Send—RIP packets can only be sent by the IOLAN.
• Listen—RIP packets can only be received by the IOLAN.
• Send and Listen—RIP packets are sent and received by the IOLAN.

Default: None

Enable VJ Compression

Used for User Service PPP or SLIP, determines whether Van Jacobsen Compression is used on the link. VJ compression is a means of reducing the standard TCP/IP header from 40 octets to approximately 5 octets. This gives a significant performance improvement, particularly when interactive applications are being used. For example, when the user is typing, a single character can be transmitted and thus have the overhead of the full TCP/IP header. VJ Compression has minimal effect on other types of links, such as ftp, where the packets are much larger. The User VJ Compression option will override the VJ Compression value set for a Serial Port.

Default: Disabled

Advanced Tab

Overview

The Advanced tab is used to configure those parameters that control the user session; this includes session length, language, the hotkey used for switching between sessions, access to clustered ports, etc.

Field Descriptions

Configure the following parameters:

Idle Timeout

The amount of time, in seconds, before the IOLAN closes a connection due to inactivity. The default value is 0 (zero), meaning that the Idle Timer will not expire (the connection is open permanently). The User Idle Timeout will override all other Serial Port Idle Timeout parameters.

Range: 0-4294967

Default: 0

Sessions Tab

Overview

The Sessions tab is used to configure specific connections for users who are accessing the network through the IOLAN's serial port.

Functionality

Users who have successfully logged into the IOLAN (User Service set to DSprompt) can start up to four login sessions on network hosts. These users start sessions through the EasyPort Menu option Sessions.

Multiple sessions can be run simultaneously to the same host or to different hosts. Users can switch between different sessions and also between sessions and the IOLAN using Hotkey commands (see Hotkey Prefix for a list of commands).

Users with Admin or Normal privileges can define new sessions and use them to connect to Network hosts; they can even configure them to start automatically on login to the IOLAN. Restricted and Menu users can only start sessions predefined for them in their user configuration.

Field Descriptions

Configure the following parameters:

Serial Port Access Tab

Overview

The Serial Port Access tab controls the user's read/write access on any given IOLAN serial port. This pertains to users that are connecting from the network to a serial over a Console Management type session.

This can be useful when you have multiple users connecting to the same serial device and you wish to control the viewing and/or the write to and from the device. See the Multisessions and User Authentication parameters in the Console Management Profile for the serial port settings.

Field Descriptions

Configure the following parameters:

Serial Port Access

Specifies the user access rights to each IOLAN serial port device. There can be multiple users connected to a particular serial device and these settings determine the rights of this user for any of the listed serial ports.

Data Options:

• Read/Write—The user has read and write access to the serial port.
• Read In—The User will see data going to the serial port, from all network-connected users that have write privileges to this serial port.
• Read Out—The user will have access to all data originating from the serial device.

Users can read data going in both directions by selecting both the Read In and Read Out options.

Default: Read/Write

Allow Access to Clustered Ports

When enabled, allows the user access to IOLANs that have been configured in the clustering group.

Default: Enabled

Configuring Security

Introduction

The Security group includes the following configuration options:

• Authentication—When a serial port is configured for the Console Management or TCP Sockets profile, the user can be authenticated either locally in the IOLAN user profile or externally. This option configures the external authentication server. See Authentication for more information.
• SSH—This configuration window configures the SSH server in the IOLAN. See SSH for more information.
• SSL/TLS—This configuration window configures global SSL/TLS settings, which can be overridden on the serial port level. See SSL/TLS for more information.
• VPN—This configuration window configures the Virtual Personal Network (VPN) IPsec and L2TP/IPsec tunnel parameters. See VPN for more information.
• HTTP Tunnel—This configuration window configures the Http Tunneling parameters. See HTTP Tunneling for more information.
• Services—This configuration window is used to enable/disabled client and daemon services that run in the IOLAN. See Services for more information.

Authentication

Authentication can be handled by the IOLAN or through an external authentication server.

Authentication is different from authorization, which can restrict a user's access to the network (although this can be done through the concept of creating sessions for a user, see Sessions Tab for more information). Authentication ensures that the user is defined within the authentication database—with the exception of using the Guest authentication option under Local Authentication, which can accept any user ID as long as the user knows the configured password.

For external authentication, the IOLAN supports RADIUS, Kerberos, LDAP/Microsoft Active Directory, TACACS+, SecurID, and NIS. You can specify a primary authentication method and a secondary authentication method. If the primary authentication method fails (cannot connect to the server or authentication fails), the secondary authentication method is tried (unless you enable the Only Use as backup option, in which case the secondary authentication method will be tried only when the IOLAN cannot communicate with the primary authentication host). This allows you to specify two different authentication methods. If you do specify two different authentication methods, the user will be prompted for his/her username once, but will be prompted for a password for each authentication method tried. For example, user Alfred's user ID is maintained in the secondary authentication database, therefore, he will be prompted for his password twice, because he is not in the primary authentication database. Unlike the other external authentication methods, RADIUS and TACACS+ can also send back Serial Port and User parameters that are used for the duration of the

connection. Therefore, any parameters configured by RADIUS or TACACS+ will override the same parameters configured in the IOLAN. See Appendix A, RADIUS and TACACS+ for more information.

Authentication

In the Authentication window, you can select up to two methods of authentication made up of external authentication options and/or the local user database.

Configure the following parameters:

Local

Overview

When Local authentication is selected, the user must either be configured in the IOLAN's User List or you must enable Guest users.

Field Descriptions

Configure the following parameters:

Enable Guest Mode Allow users who are not defined in the Users database to log into the IOLAN with any user ID and the specified password. Guest users inherit their settings from the Default User's configuration.

Default: Disabled

Guest Password The password that Guest users must use to log into the IOLAN.

Confirm Password Type the Guest Password in again to verify that it is correct.

Enable Login Once When this option is selected, only one user with the same username can be signed in at one time. Should the same user with the same username attempt to sign in again, their first session will be terminated and they will gain entry to their new session.

Enable Password Rules When this option is selected, the following password rules will apply. The password must be 8 characters long and contain at least one number.

Enable Account Lockout When this option is selected, the IOLAN's internal local user database will provide a 10 second delay after each invalid attempt. If 5 invalid attempts are made within 1 minute the user will be locked out from further attempts for 5 minutes.

RADIUS

Overview

RADIUS is an authentication method that the IOLAN supports that can send back User information; see RADIUS for more information on the User parameters that can be sent back by RADIUS.

General Field Descriptions

Configure the following parameters:

First Authentication Name of the primary RADIUS authentication host. Host Default: None

Second Name of the secondary RADIUS authentication host, should the first RADIUS Authentication Host host fail to respond. Default: None

Secret The secret (password) shared between the IOLAN and the RADIUS authentication host.

Authentication Port The port that the RADIUS host listens to for authentication requests. Default: 1812

Enable Accounting Enables/disables RADIUS accounting. Default: Disabled

First Accounting Host Name of the primary RADIUS accounting host. Default: None

Second Accounting Name of the secondary RADIUS accounting host. Host Default: None

Secret The secret (password) shared between the IOLAN and the RADIUS accounting host.

Account Port The port that the RADIUS host listens to for accounting requests.

Default: 1813

Enable Accounting Authenticator Enables/disables whether or not the IOLAN validates the RADIUS accounting response.

Default: Enabled

Retry The number of times the IOLAN tries to connect to the RADIUS server before erroring out.

Range: 0-255

Default: 5

Timeout The time, in seconds, that the IOLAN waits to receive a reply after sending out a request to a RADIUS accounting or authentication host. If no reply is received before the timeout period expires, the IOLAN will retry the same host up to and including the number of retry attempts.

Range: 1-255

Default: 3 seconds

Attributes Field Descriptions

Configure the following parameters:

NAS-Identifier This is the string that identifies the Network Address Server (NAS) that is originating the Access-Request to authenticate a user.

Field Format: Maximum 31 characters, including spaces

Automatically determine NAS-IP-When enabled, the IOLAN will send the IOLAN's Ethernet 1 IPv4 address to the RADIUS server.

Address Default: Enabled

Kerberos

Field Descriptions

Configure the following parameters:

Realm The Kerberos realm is the Kerberos host domain name, in upper-case letters.

KDC Domain The name of a host running the KDC (Key Distribution Center) for the specified realm. The host name that you specify must either be defined in the IOLAN's Host Table before the last reboot or be resolved by DNS.

KDC Port The port that the Kerberos server listens to for authentication requests.

Default: 88

LDAP/Microsoft Active Directory

Overview

LDAP (Lightweight Directory Access Protocol) is an application protocol for querying and modifying directory services running over TCP/IP. It is also used as a method of authenticating users. Microsoft Active Directory is an LDAP like directory service. It can be used for authenticating users in a similar fashion to LDAP. In this manual, the use of LDAP is synonymous with Microsoft Active Directory.

The following parameter need to be configured to use this feature.

Field Descriptions

Host Name The name or IP address of the LDAP/Microsoft Active Directory host. If you use a host name, that host must either have been defined in the IOLAN's Host Table before the last reboot or be resolved by DNS. If you are using TLS, you must enter the same string you used to create the LDAP certificate that resides on your LDAP/Microsoft Active Directory server.

Port The port that the LDAP/Microsoft Active Directory host listens to for authentication requests.

Default: 389

Base The domain component (dc) that is the starting point for the search for user authentication. You can enter up to 128 characters for the base.

User Attribute

This defines the name of the attribute used to communicate the user name to the server.

Options:

• OpenLDAP(uid)—Chose this option if you are using an OpenLDAP server. The user attribute on this server is “uid”.
• Microsoft Active Directory(sAMAccountName)—Chose this option if your LDAP server is a Microsoft Active Directory server. The user attribute on this server is “sAMAccountName”.
• Other—If you are running something other than a OpenLDAP or Microsoft Active Directory server, you will have to find out from your system administrator what the user attribute is and enter it in this field.

Default: OpenLDAP(uid)

Encrypt Passwords Using MD5 digest

Checking this parameter will cause the IOLAN to encrypt the password using MD5 digest before sending it to server. If this option is not checked, the password is sent to the server in the clear.

Default: Disabled

Authenticate IOLAN with LDAP server

This option will cause the Terminal Server to authenticate with the LDAP server before the user authentication takes place. The user name/password to use for this authentication is configured below.

Default: Disabled

Name The user name associated with the IOLAN

Append Base to Name

When checked, this causes the domain component configured in the “base” parameter to be appended to the user name. This allows for a fully qualified name to be used when authenticating the IOLAN.

Default: Enabled but if the base parameter is not configured, it does not modify the name.

Confirm

You must enter the exact same value as the password field. Since the password is not echoed, this ensures that the field was entered correctly.

Default: Blank

Enable TLS

Enables/disables the Transport Layer Security (TLS) with the LDAP/Microsoft Active Directory host.

Default: Disabled.

TLS Port

Specify the port number that LDAP/Microsoft Active Directory will use for TLS.

Default: 636

If you are using LDAP or Microsoft Active Directory with TLS, you need to download a CA list to the IOLAN that includes the certificate authority (CA) that signed the LDAP certificate on the LDAP host by selecting Tools, Advanced, Keys and Certificates. See Keys and Certificates for more information on the LDAP certificate.

TACACS+

Overview

TACACS+ is an authentication method that the IOLAN supports that can send back User information; see Appendix A, RADIUS and TACACS+ for more information on the User parameters that can be sent back by TACACS+.

Field Descriptions

Configure the following parameters:

Enable Accounting Enables/disables TACACS+ accounting.

Default: Disabled

SecurlD

Overview

If you need to reset the SecurID secret, select Tools, Reset, Reset SecurID Node Secret.

Field Descriptions

Configure the following parameters:

Primary/Master Host The first SecurID server that is tried for user authentication. Default: None

Replica/Slave Host If the first SecurID server does not respond to an authentication request, this is the next SecurID server that is tried for user authentication. Default: None

UDP Port The port number that SecurID listens to for authentication requests. Default: 5500

Encryption Type The type of encryption that will be used for SecurID server communication.

Data Options: DES, SDI

Default: SDI

Legacy If you are running SecurID 3.x or 4.x, you need to run in Legacy Mode. If you are running SecurID 5.x or above, do not select Legacy Mode.

Default: Disabled

NIS

Field Descriptions

Configure the following parameters:

NIS Domain The NIS domain name.

Primary NIS Host The primary NIS host that is used for authentication.

Default: None

Secondary NIS Host The secondary NIS host that is used for authentication, should the primary NIS host fail to respond.

Default: None

SSH

Overview

The IOLAN contains SSH Server software that you need to configure if the IOLAN is going to be accessed via SSH. If you specify more than one Authentication method and/or Cipher, the IOLAN will negotiate with the client and use the first authentication method and cipher that is compatible with both systems.

Functionality

When you are using the SSH connection protocol, keys need to be distributed to all users and the IOLAN. Below are a couple of example scenarios for key/certificate distribution.

Users Logging into the IOLAN Using SSH

This scenario applies to serial ports configured for Console Management using the SSH protocol. In the following example, users are connecting to the IOLAN via SSH from the LAN. Therefore, the following keys need to be exchanged:

• Upload the IOLAN SSH Public Key to each user's host machine who is connecting and logging into the IOLAN using SSH.
• Download the SSH Public Key from each user's host machine who is connecting and logging into the IOLAN using SSH.

graph LR
    Server --> DeviceServer["Device Server"]
    DeviceServer --> Network["Network"]
    Network --> SSH["SSH"]
    subgraph Cloud
        Cloud1["Lynn\nDevice Server Public Key\nLynn Private Key"]
        Cloud2["Tracy\nDevice Server Public Key\nTracy Private Key"]
        Cloud3["Dennis\nDevice Server Public Key\nDennis Private Key"]
    end

Users Passing Through the IOLAN Using SSH (Dir/Sil)

This scenario applies to serial ports configured for the Terminal profile and are required to login to the IOLAN. The user's service is set to the SSH protocol, therefore, users first log into the IOLAN and then are connected to a specified host (configured for the user when User Service SSH is selected) through an SSH connection. Lynn and Tracy automatically connect to the HR Server and Dennis automatically connects to the Development Server via SSH through the IOLAN. All the SSH negotiation is being done between the IOLAN and the target servers, therefore, the following keys need to be exchanged:

• Download the SSH Host Public Key to the IOLAN for each of the hosts that the IOLAN is connecting to.
• Download the SSH User Private Key for each user whose User Service is set to SSH.
• Copy the SSH User Public Key to the host that the user is connecting to (this is done outside the scope of the IOLAN).

graph LR
    A["HR Server"] -->|SSH| B["Device Server"]
    B --> C["Lynn"]
    B --> D["Tracy"]
    B --> E["Dennis"]
    A --> F["Sales Server\nSales Server Private Key\nDennis Public Key"]
    B --> G["Sales Server Public Key\nHR Server Public Key\nLynn Private Key\nTracy Private Key\nDennis Private Key"]

HR Server Private Key Lynn Public Key Tracy Public Key

Field Descriptions

Configure the following parameters:

Some combinations of cipher groups are not available on FIPS firmware versions. SSH-1 protocol is not available on FIPS firmware versions.

SSL/TLS

Overview

When SSL/TLS is configured, data is encrypted between the IOLAN and the host/device (which must also support SSL/TLS). When you configure the SSL/TLS settings in the System section, you are configuring the default global SSL/TLS settings; you are not configuring an SSL/TLS server.

Functionality

You can create an encrypted connection using SSL/TLS for the following profiles: TruePort, TCP Sockets, Terminal (the user's Service must be set to SSL_Raw), Serial Tunneling, Virtual Modem, and Modbus.

When configuring SSL/TLS, the following configuration options are available:

• You can set up the IOLAN to act as an SSL/TLS client or server.
• There is an extensive selection of SSL/TLS ciphers that you can configure for your SSL/TLS connection; Appendix B, SSL/TLS Ciphers for a list of SSL/TLS ciphers.

Some combinations of cipher groups are not available on FIPS firmware versions.

- You can enable peer certificate validation, for which you must supply the validation criteria that was used when creating the peer certificate (this is case sensitive).

See Keys and Certificates for information about SSL/TLS support documents.

Field Descriptions

Configure the following parameters:

SSL/TLS Version

Specify whether you want to use:

• Any—The IOLAN will try a TLSv1 connection first. If that fails, it will try an SSLv3 connection. If that fails, it will try an SSLv2 connection.
• SSLv3—The connection will use only SSLv3.
• TLSv1—The connection will use only TLSv1.
• TLSv1.1—The connection will use only TLSv1.1.
  • TLSv1.2—The connection will use only TLSv1.2.

Default: Any

SSL/TLS Type

Specify whether the IOLAN serial port will act as an SSL/TLS client or server.

Default: Client

Cipher Suite Button Click this button to specify SSL/TLS connection ciphers.

Validate Peer Certificate

Enable this option when you want the Validation Criteria to match the Peer Certificate for authentication to pass. If you enable this option, you need to download an SSL/TLS certificate authority (CA) list file to the IOLAN.

Default: Disabled

Validation Criteria Button

Click this button to create peer certificate validation criteria that must be met for a valid SSL/TLS connection.

SSL Certificate Passphrase

This is the SSL/TLS passphrase used to generate an encrypted RSA/DSA private key. This private key and passphrase are required for both HTTPS and SSL/TLS connections, unless an unencrypted private key was generated, then the SSL passphrase is not required. Make sure that you download the SSL private key and certificate if you are using the secure HTTP option (HTTPS) or SSL/TLS. If both RSA and DSA private keys are downloaded to the IOLAN, they need to be generated using the same SSL passphrase for both to work.

Cipher Suite Field Descriptions

Some combinations of cipher groups may not be available on some firmware versions.

The SSL/TLS cipher suite is used to encrypt data between the IOLAN and the client. You can specify up to five cipher groups.

The following buttons are available on the Cipher Suite window:

Add Button Adds a cipher to the cipher list.

Edit Button Edits a cipher in the cipher list.

Delete Button Deletes a cipher from the cipher list.

Move Up Button Moves a cipher up in preference in the cipher list.

Move Down Button Moves a cipher down in preference in the cipher list.

Adding/Editing a Cipher

See Appendix B, SSL/TLS Ciphers for a list of valid SSL/TLS ciphers.

Configure the following parameters:

Key Exchange

The type of key to exchange for the encryption format.

Data Options:

• Any—Any key exchange that is valid is used (this does not, however, include ADH keys).
  • RSA—This is an RSA key exchange using an RSA key and certificate.
• EDH-RSA—This is an EDH key exchange using an RSA key and certificate.
• EDH-DSS—This is an EDH key exchange using a DSA key and certificate.
• ADH—This is an anonymous key exchange which does not require a private key or certificate. Choose this key if you do not want to authenticate the peer device, but you want the data encrypted on the SSL/TLS connection.
• ECDH-ECDSA—This is an ECDH key exchange using a ECDSA key and certificate.

Default: Any

HMAC

Select the key-hashing for message authentication method for your encryption type.

Data Options:

Any
MD5
SHA1
SHA256
SHA384

Default: Any

Validation Criteria Field Descriptions

If you choose to configure validation criteria, then the information in the peer SSL/TLS certificate must match exactly the information configured in this window in order to pass peer authentication and create a valid SSL/TLS connection.

Configure the following parameters:

Country

A country code; for example, US. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

Data Options: Two characters

VPN

Overview

A Virtual Private Network (VPN) creates a secure, dedicated communications network tunnelled through another network.

You can configure the IOLAN for:

• a host-to-host Virtual Private Network (VPN) connection
• a host-to-network VPN connection
  • a network-to-network VPN connection
• or host/network-to-IOLAN VPN connection (allowing serial devices connected to the IOLAN to communicate data to a host/network).

In addition to being able to configure up to 64 IPsec tunnels, you can configure an L2TP/IPsec tunnel that will allow hosts to create a VPN tunnel to the IOLAN. The L2TP/IPsec VPN protocol is required by the Windows XP ^® operating system. Later versions of Windows ^® may support both VPN protocols, however check with the Windows ^® documentation that came with your Windows ^® pc.

Before you enable/configure any VPN tunnels, you should configure any exceptions or you might not be able to access the IOLAN except through a VPN tunnel or the console port. See Exceptions for more information about exceptions.

Note: If you are configuring IPsec and/or L2TP/IPsec, you must also enable the IPsec service found in Security, Services navigation tree.

Functionality

The information in this section applies only to setting up IPsec VPN tunnels, not L2TP/IPsec VPN tunnels.

The IOLAN can be configured as a VPN gateway using the IPsec protocol. You can configure the VPN connection using two IOLANs as the local and remote VPN gateways or the IOLAN as the local VPN gateway and a host/server running the VPN software as the remote VPN gateway.

If the VPN tunnel is being configured for an IPv6 network that is going through a router(s), the router(s) must have manual IPv6 address entry capability, similar to what Windows Vista ^® provides.

VPN servers/clients can support various VPN parameters. However, the following parameters are REQUIRED to be set to the following values to support a VPN tunnel between the IOLAN and a VPN server/client:

perfect forward secrecy: no
protocol: ESP
mode: tunnel (not transport)
opportunistic encryption: no
aggressive mode: no 

IKE Phase 1 Proposals

The following IKE Phase 1 proposals are supported by the IOLAN VPN gateway:

• Ciphers—3DES, AES
- Hashes—MD5, SHA1
- Diffie-Hellman Groups—2 (MODP1024), 5 (MODP1536), 14 (MODP2048), 15 (MODP3072), 16 (MODP4096), 17 (MODP6144), 18 (MODP8192)

ESP Phase 2 Proposals

The following ESP Phase 2 proposals are supported by the IOLAN VPN gateway:

• Ciphers—3DES, AES
• Authentication Algorithms—MD5, SHA1, SHA2

IPsec

When an IPsec tunnel becomes active, you are requiring that all access to the IOLAN go through the configured IPsec tunnel(s), so you must configure any exceptions first see (Exceptions). for more information on exceptions) or you will not be able to access the IOLAN through the network unless you are configured to go through the IPsec tunnel (you can still access the IOLAN through the Console port).

Field Descriptions

The following buttons are available:

Add Button Click this button to add a new IPsec VPN tunnel.

Edit Button Select an existing IPsec VPN tunnel to edit the tunnel's parameters.

Delete Button Select an existing IPsec VPN tunnel to remove the tunnel.

Adding/Editing the IPsec Tunnel

When you click the Add button or select an IPsec tunnel and click the Edit button, the following window is displayed:

Configure the following parameters:

Name

Provide a name for the IPsec VPN tunnel to make it easy to identify.

Text Characteristics: Maximum of 16 characters, spaces not allowed

Authentication Method

Specify the authentication method that will be used between VPN peers to authenticate the VPN tunnel.

Data Options:

• Shared Secret—A text-based secret that is used to authenticate the IPsec tunnel (case sensitive). This applies to all VPN tunnels (IPsec and L2TP/IPsec).
• RSA Signature—RSA signatures are used to authenticate the IPsec tunnel. When using this authentication method, you must download the IPsec RSA public key to the IOLAN and upload the IPsec RSA public key from the IOLAN to the VPN gateway.
• X.509 Certificate—X.509 certificates are used to authenticate the IPsec tunnel. When using this authentication method, you must include the signing authority's certificate information in the SSL/TLS CA list and download it to the IOLAN.

Default: Shared Secret

Shared Secret Field Description

When the Authentication Method is set to Shared Secret, you can enter a secret that applies to all VPN tunnels (both the IPsec and L2TP/IPsec protocols) to successfully authenticate and create a valid connection.

Configure the following parameter:

Secret

When the Authentication Method is set to Shared Secret, enter the case-sensitive secret word. This applies to all VPN tunnels (IPsec and L2TP/IPsec).

Field Format: Maximum of 16 characters, spaces not allowed

Remote Validation Criteria Field Descriptions

When the Authentication Method is set to X.509 Certificate, you can configure the remote validation criteria. The information in the remote X.509 certificate must match exactly the information configured in this window in order to successfully authenticate and create a valid connection. If using an asterisk(*) for wildcard matching the Boot Action must be set to Add (Listen).

Configure the following parameters:

Email

An entry for an email address; for example, acct@anycompany.com. This field is case sensitive in order to successfully match the information in the remote X.509 certificate.

Data Options: Maximum 64 characters, If using an asterisk (*) for wildcard matching, the Boot Action must be set to Add (Listen).

L2TP/IPsec

In order to create a VPN tunnel on Windows XP ^® , you must use the L2TP/IPsec protocol. When L2TP/IPsec is enabled, the IOLAN will listen for L2TP/IPsec VPN tunnel requests.

When you enable L2TP/IPsec, you are requiring that all access to the IOLAN go through the L2TP/IPsec tunnel, so you must configure any exceptions first see (Exceptions) for more information on exceptions) or you will not be able to access the IOLAN through the network unless you are configured to go through the L2TP/IPsec tunnel (you can still access the IOLAN through the Console port).

Field Descriptions

Configure the following parameters:

Allow L2TP/IPsec connections

When enabled, the IOLAN listens for L2TP/IPsec VPN tunnel connections. Note: to allow non-VPN tunnel connections to the IOLAN, you must create entries in the VPN Exceptions list.

Default: Disabled

Local IP Address

If the IPsec local address is set to 0.0.0.0, the IOLAN will listen for L2TP/IPsec connections on (the IP address of) the network interface associated with (ie: on the same network as) the IOLAN's default gateway. If no default gateway exists, the IOLAN will not listen for L2TP/IPsec connections.

Default: 0.0.0.0

Exceptions

Exceptions allow specific hosts or any host in a network to access the IOLAN outside of a VPN tunnel. This is especially useful when allowing local network hosts access to the IOLAN when VPN tunnels have been configured for remote user security.

Field Descriptions

The following buttons are available:

Add Button Click the Add button to add a VPN exception to the Exception List.

Edit Button Highlight an Exception List entry and click the Edit button to change the entry.

Delete Button Highlight an Exception List entry and click the Delete button to remove the entry from the list.

Adding/Editing a VPN Exception

The following parameters are available:

IP Address The IP address of the host that will communicate with the IOLAN outside of the VPN tunnel.

Field Format: IPv4 or IPv6 address

Network The network address that will communicate with the IOLAN outside of the VPN tunnel.

Field Format: IPv4 or IPv6 address

IPv4 Subnet Mask The IPv4 subnet mask for the IPv4 network.

Default: 0.0.0.0

IPv6 Prefix Bits The IPv6 prefix bits for the IPv6 network.

Range: 0-128

Default: 0

Advanced

Field Description

IPsec Settings

These settings are global and apply to all VPN connections.

Use NAT Traversal (NAT_T)

Configure the following parameter:

Use NAT Traversal (NAT_T)

NAT Traversal should be enabled when the IOLAN is communicating through a router/gateway to a remote VPN that also has NAT Traversal enabled.

Default: Enabled

HTTP Tunneling

Overview

A HTTP tunnel is a firewall-safe communication channel between two IOLAN's. HTTP tunnels can transport arbitrary TCP/IP or UDP/IP data for applications such as Telnet/SSH or any other TCP application and most UDP applications.

You can configure the IOLAN for:

• a serial-to-serial HTTP tunnel connection
• a serial-to-host HTTP tunnel connection
• a host-to-host HTTP tunnel connection
• Tunnel Relay connection

See Configuring HTTP Tunnels for more information on setup requirements for these scenarios.

Functionality

The information in this section applies only to setting up HTTP tunnels.

A minimum of two IOLAN's must be configured to create a communication channel. One IOLAN must be configured as the listener and the other IOLAN must be configured as the connecting IOLAN.

Adding/Editing the HTTP Tunnel

Field Descriptions

The following buttons are available:

Add Button Click the Add button to add an HTTP Tunnel entry to the list.

Edit Button Highlight an HTTP Tunnel entry and click the Edit button to change the entry.

Delete Button Highlight an HTTP Tunnel entry and click the Delete button to remove the entry from the list.

Configuring HTTP Tunnel

Field Descriptions

The following parameters are available for configuring a HTTP Tunnel.

HTTPS mode requires that the SSL Passphrase is already defined in the IOLAN configuration and the SSL/TLS certificate/private key and CA list must have already been downloaded to the IOLAN; see Keys and Certificates for more information.

Configuring HTTP Tunnel Proxy

Proxy servers are used in larger companies and organizations. Ask your network administrator if you need to configure a Proxy server.

Field Descriptions

The following parameters are available for configuring the Proxy specific parameters.

Use HTTP Proxy Enables the Proxy parameters.

Host/IP The Host name or IP address of the Proxy server.

Port The HTTP/HTTPS port number of the Proxy server. Default: 8080.

Username The "username" which will be used by the Terminal Server to authenticate with the proxy server (if authentication is required by the proxy server).

Password The "password" which will be used by the Terminal Server to authenticate with the proxy server (if authentication is required by the proxy server).

Domain This field is only used if authentication is needed with the proxy server. If the proxy server does not expect this field, it can be left blank.

We support the following types of authentication; Local Windows account authentication (clear text, SPA) and Digest authentication (MD5).

Ensure that your Proxy Server does not restrict HTTP-CONNECT messages to port 443 and allows HTTP-CONNECT messages on Port 80

Configuring HTTP Tunnel Proxy Advanced

Field Descriptions

Keepalive Interval

The number of seconds between sending keepalives for HTTP connections. Keepalives are used to prevent idle connections from closing. In most cases this value does not need to be changed.

Default: 30 seconds

Maximum

Connection Age

The maximum amount of time an HTTP connection will stay open in minutes. In most cases this value does not need to be changed.

Default: 1440 mins. (1 day).

Configuring HTTP Tunnel Destination

The following buttons are available.

Add Button

Click the Add button to add an HTTP Tunnel Destination entry to the list.

Edit Button

Highlight an HTTP Tunnel Destination entry and click the Edit button to change the entry.

Delete Button

Highlight an HTTP Tunnel Destination entry and click the Delete button to remove the entry from the list.

Field Descriptions

Configure the following parameters if host access via a tunnel is needed. Each entry in the list box defines the application and port numbers an external client will use to access the destination host or application.

Tunnel

Select the HTTP tunnel to use for this connection

Destination

The address of an external host on the peer IOLAN's LAN. If the destination is a serial port on the Peer IOLAN or the peer IOLAN itself, select "Same as Tunnel".

Add new Services

Select either predefined services or custom services.

Predefined Services

Select the service or services required. For predefined services, you must specify an alias local IP address which will be used by the external host to access the service.

Custom Services

Selecting custom services allows you to enter in a custom application configuration. Select either TCP or UDP.

Local Port

The listening TCP/IP or UPD/IP port. This is the port the local host will be using.

When HTTP tunneling is used TCP and UDP ports 50,000 and above are reserved and should not be configured by the user.

Services

Overview

Services are either daemon or client processes that run on the IOLAN. You can disable any of the services for security reasons.

Functionality

If you disable any of the daemons, it can affect how the IOLAN can be used or accessed. For example, if you disable WebManager (HTTPS and HTTP) services, you will not be able to access the IOLAN with the WebManager. If you disable the DeviceManager service, the DeviceManager will not be able to connect to the IOLAN. If you do not want to allow users to Telnet to the IOLAN, you can disable the Telnet Server service; therefore, disabling daemons can also be used as an added security method for accessing the IOLAN.

By default, all daemon and client applications are enabled, except IPsec, and running on the IOLAN.

Field Descriptions

Enable/disable the following options:

Telnet Server Telnet daemon process in the IOLAN listening on TCP port 23.

Default: Enabled

TruePort Full Mode

The TruePort daemon process in the IOLAN that supports TruePort Full Mode on UDP port 668. You can still communicate with the IOLAN in Lite Mode when this service is disabled.

Default: Enabled

Syslog Client Syslog client process in the IOLAN.

Default: Enabled

Modbus Modbus daemon process in the IOLAN listening on port 502.

Default: Enabled

SNMP SNMP daemon process in the IOLAN listening on UDP port 161 and sending traps on UDP port 162.

Default: Enabled

TCP ports 2601, 2602 and 2603 are used internally by the IOLAN.

Keys and Certificates

When you are using SSH, SSL/TLS, LDAP/Microsoft Active Directory, or HTTPS, you will need to install keys and/or certificates or get server keys in order to make those options work properly. All certificates need to be created and all keys need to be generated outside of the IOLAN, with the exception of the IOLAN SSH Public keys, which already exist in the IOLAN. SSH keys must be generated using the OpenSSH format.

Certificate Authorities (CAs) such as Verisign, COST, GTE CyberTrust, etc. can issue certificates. Or, you can create a RSA or DSA self-signed certificate using a utility such as OpenSSL.

To download or keys, a certificate, or a CA list or to upload the IOLAN public SSH key, select Tools, Advanced, Keys and Certificates.

The following fields are available:

Key / Certificate

Select the key or certificate that you want to download to the IOLAN or upload the Management Module's SSH Public Key.

Data Options:

• Upload Server SSH Public Key, used for SSH management access
  • Download SSH User Public Key, used for SSH management access
• Download SSL/TLS Private Key, required if using HTTPS and/or SSL/TLS
  • Download SSH Host Public Key, required if using SSH
  • Download SSL/TLS Private Key, required if using SSL/TLS
• Download SSL/TLS Certificate, required if using HTTPS and/or SSL/TLS
• Upload IPsec RSA Public Key, required if using X.509 certification authentication for an IPsec tunnel
• Download IPsec RSA Public Key, required if using X.509 certification authentication for an IPsec tunnel
• Download SSL/TLS CA, required if using LDAP/Microsoft Active Directory with TLS, SSL/TLS, and/or X.509 certificate authentication for an IPsec tunnel
• Download NTP/SNTP Keys File, required if using NTP/SNTP server authentication

File Name The file that you are going to download/upload to/from the IOLAN via TFTP.

Key Type Specify the type of authentication that will be used for the SSH session. The following list details the keys that support each key type.

Data Options:

• RSA—Server SSH Public Key, SSH User Public Key, SSH User Private Key, SSH Host Public Key
• DSA—Server SSH Public Key, SSH User Public Key, SSH User Private Key, SSH Host Public Key

User Name The name of the user for whom you are downloading the SSH User Public or Private Key to the IOLAN.

Host Name The name of the host for which you are downloading the SSH Host Public or Private Key to the IOLAN.

IPsec Tunnel Name Select the IPsec tunnel that the RSA public key is being used to authenticate.

Configuring I/O Interfaces

Introduction

There is a line of IOLANs that can control/monitor the following types of I/O:

• Analog Input
  Digital Input/Output
• Relay Output
  • Temperature Input

Some of the models are I/O combinations and some of the models support one I/O type, although all of the SDS I/O models are extensions of the feature rich SDS IOLAN.

Technical Specifications

Digital I/O

• 2 or 4 channels depending on model
- software selectable as inputs or outputs
• optical isolation of 2000V rms

Digital Input

• Dry Contact: Logic 0 = open. Logic 1 = close to GND
• Wet Contact: Logic 0 = 0-3VDC. Logic 1 = 10V-30VDC

Digital Output

• Open collector to 30VDC (source, sink or both)
• 200mA max load
  • Digital out (DO) or pulse mode

Relay

• Form C type SPDT
• Contact rating: 1A@30VDC, 0.5A@AC: 120VAC
  • Breakdown voltage: 500 VAC (50/60 Hz)
• Relay on time: 7 msec. Relay off time 3 msec
  • Total switching time: 10 msec
  • Insulation resistance: 1000 MW minimum at 500 VDC

Settings

Overview

The I/O Interfaces Settings window configures the parameters that are global to all I/O channels.

I/O Access Functionality

Field Descriptions

Configure the following parameters:

Enable I/O Access Enables/disables Modbus as the communication protocol for all the I/O to Modbus protocol channels.

Default: Disabled

UID This is the UID you are assigning to the IOLAN, which is acting as a Modbus slave.

Default: 255

Advanced Modbus Click this button to configure global Modbus Slave settings.

Settings Button

See Advanced Slave Modbus Settings on page 179 for field descriptions.

Allow Modbus TCP Allows a host running a Modbus/TCP application to communicate to the I/O Application (API) channels using the standard Modbus API.

Default: Permanently enabled when Enable I/O Access via Modbus protocol is enabled

See Modbus I/O Access on page 210 for function codes and I/O coil/registration descriptions.

Allow Modbus RTU/ASCII via Enables/disables serial Modbus application access to the I/O over the network using the TruePort COM redirector feature.

TruePort

Default: Disabled

See Modbus I/O Access on page 210 for function codes and I/O coil/registration descriptions and Accessing I/O Data Via TruePort on page 217 for the Perle API.

Advanced Slave Modbus Settings

The parameters in this window configure global Modbus gateway settings that apply to all serial ports configured first as the Modbus Gateway profile and then as a Modbus Slave.

Configure the following parameters:

TCP/UDP Port The network port number that the Slave Gateway will listen on for both TCP and UDP messages.

Default: 502

Next Request Delay A delay, in milliseconds, to allow serial slave(s) to re-enable receivers before issuing next Modbus Master request.

Range: 0-1000

Default: 50 ms

Enable Serial When enabled, a UID of 0 (zero) indicates that the message will be broadcast to Modbus Broadcasts all Modbus Slaves.

Default: Disabled

Request Queuing When enabled, allows multiple, simultaneous messages to be queued and processed in order of reception.

Default: Enabled

Embedded When this option is selected, the address of the slave Modbus device is embedded in the message header.

Default: Enabled

Remapped Used for single device/port operation. Older Modbus devices may not include a UID in their transmission header. When this option is selected, you can specify the UID that will be inserted into the message header for the Modbus slave device. This feature supersedes the Broadcast feature.

Default: Disabled

Remap UID Specify the UID that will be inserted into the message header for the Slave Modbus serial device.

Range: 1-247

Default: 1

Enable SSL/TLS When enabled, Modbus Slave Gateway messages to remote TCP Modbus using global settings Masters are encrypted via SSL/TLS.

Default: Disabled

Failsafe Timer Functionality

Overview

The Failsafe Timer tab configures the I/O failsafe timer. The Failsafe Timer is enabled on a global basis and provides a trigger mechanism that can be configured for each channel when no I/O traffic/management has occurred for the specified amount of time. A Failsafe Action can be configured for each Digital Output channel, each Serial Signal Output pin (DTR and RTS), and each Relay channel to either Activate or Deactivate the output.

The Failsafe Timer has a different function when I/O Extension is enabled for Digital Output channels, Relay channels, or the Serial Signal Output pins (DTR and RTS). For I/O Extension, the Failsafe Timer provides a per channel or per serial signal output pin trigger mechanism that is activated when there are no TCP sessions for the specified amount of time.

Field Descriptions

Configure the following parameters:

Enable I/O Failsafe Timer Enables/disables the Failsafe Timer. This is the global setting that must be enabled to set the Failsafe Action on the channel for digital output and relay channels or output signal pins. When this timer expires because of no I/O activity within the specified time interval, the Failsafe Action set for the channel determines the action on the output. When the channel or serial signal pin is configured for I/O extension, the timer expires there are no TCP sessions for the specified time interval.

Default: Disabled

Timeout The number of seconds that must elapse before the channel/serial signal pin Failsafe Action is triggered.

Range: 1-9999

Default: 30 seconds

UDP Functionality

Overview

The UDP tab configures the I/O UDP broadcast settings. The I/O UDP broadcast feature periodically broadcasts the I/O channel status in a UDP message.

You can configure up to four sets of IP address entries (each entry consisting of a start and end IP address range) to broadcast I/O status data. The broadcast frequency of the UDP packets to the configured UDP IP addresses can be defined to accommodate network traffic and monitoring PC application requirements. For details of the UDP I/O datagram see I/O UDP on page 206.

Field Descriptions

Configure the following parameters:

Enable UDP Enables/disables UDP broadcast of I/O channel status (data).

Broadcast of I/O Default: Disabled Status

Broadcast Interval Enter the interval, in seconds, for UDP broadcasts of I/O channel status (data).

Range: 1-9999

Default: 30 seconds

Settings Button Click this button to configure the UDP IP addresses that will receive the I/O status information.

See I/O UDP Settings on page 183 for field descriptions for the I/O UDP Settings window.

I/O UDP Settings

Configure the following parameters:

UDP Entry When enabled, broadcasts I/O status (data) to the specified range of IP addresses.

Default: Disabled

Start IP Address The first host IP address in the range of IP addresses (for IPV4 or IPV6) that the IOLAN will listen for messages from and/or send messages to.

Field Format: IPv4 or IPv6 address

End IP Address The last host IP address in the range of IP addresses (for IPV4, not required for IPV6) that the IOLAN will listen for messages from and/or send messages to.

Field Format: IPv4 address

Port The UDP port that the IOLAN will use to relay messages to servers/hosts.

Default: 0 (zero)

Temperature Functionality

Overview

The Temperature tab configures the temperature scale settings for T4 models.

Field Descriptions

Configure the following parameter:

Temperature Scale Select the temperature scale that will be used to display temperature data.

Data Options: Fahrenheit or Celsius

Default: Celsius

Channels

The Channels section displays the I/O Channels window, through which you can enable/disable the I/O channels.

Highlight a channel and then click the Edit button to configure the parameters for that channel.

Analog

Overview

Analog channels monitor current/voltage input. Note that the internal jumpers must match the software setting (by default, they are set to Current); see Analog Input Module on page 431 to find out how to set the internal jumpers.

For example, in an industrial freezer warehouse, the IOLAN A4R2 is used to monitor humidity transducers, which are in place to help prevent freezer burn. If the humidity reaches a certain percentage (monitored by an Analog channel) a syslog message is sent to the Monitoring Application. The Monitoring Application then sends a command to the IOLAN via the Perle API that causes the Relay channel to activate an internal freezer dehumidifier. The relay is turned off when the Analog channel sends a clear syslog message to the Monitoring Application and the Relay channel is deactivated.

graph LR
    A["Monitoring Application"] --> B["Network"]
    B --> C["A4D2 IOLAN"]
    C --> D["Relay"]
    C --> E["Analog I/O Relay"]
    E --> F["Industrial Freezers"]
    C --> G["Analog"]

Field Descriptions

Configure the following parameters:

Description Provide a description of the channel, making it easier to identify.

Data Options: Maximum 20 characters, including spaces

Type Select the type of input being measured.

Data Options: Current or Voltage

Default: Current

Range Select the range for the measurement type.

Data Options:

• Current—0-20 mA, 4-20 mA
Voltage—+/- 10V, +/- 5V, +/- 1V, +/- 500mV, +/- 150mV

Default: Current is 0-20 mA. Voltage is +/- 10V.

Alarm Settings Button Click the Alarm Settings button to specify the trigger and clear levels for the alarms. Notice that the Analog Alarm Settings window has two alarm configuration views, a basic alarm view and an advanced alarm view.

See Alarm Settings on page 203 for field descriptions.

Digital Input

Overview

When the channel is set for digital input, it monitors voltage or current. Note that the internal jumpers must match the software setting and must be set to Input, which is the default; see Digital I/O Module on page 431 to find out how to set the internal jumpers.

Functionality

The Digital input channels allow you to configure the following options:

• You can choose to remember the last state change, or latch, that occurred. Your options are to latch (remember) when the state changes from inactive to active or active to inactive.
• You can choose to invert the signal, which is useful if your sensor is wired in such a way that closed is actually inactive, whereas closed is normally considered active.
• You can also configure an alarm trigger and clear mode based on whether the Digital input is active or inactive, sending an email, syslog message, and/or SNMP trap when the alarm is triggered or cleared.

In an industrial freezer warehouse example, a D4 is used to monitor the open door sensor, so that every time a freezer door is opened, an alarm is triggered and a syslog message is sent to a syslog server, where the monitoring application notes the time.

graph LR
    A["Monitoring Application"] --> B["Network"]
    B --> C["IOLAN"]
    C --> D["Digital I/O"]
    D --> E["Industrial Freezers"]
    C --> F["Input"]
    D --> G["Input"]

Field Descriptions

Configure the following parameters:

Description Provide a description of the channel, making it easier to identify.

Data Options: Maximum 20 characters, including spaces

Input Mode When selected, the channel will be reading the status of the line (input). The internal jumpers must match the software configuration; the internal jumpers are factory configured for Input Mode.

Default: Input Mode

Latch Latches (remembers) the activity transition (active to inactive or inactive to active).

Data Options: None, Inactive-to-Active, Active-to-Inactive

Default: None

Invert Signal When enabled, inverts the actual condition of the I/O signal in the status; therefore, an inactive status will be displayed as active.

Default: Disabled

Trigger When the trigger condition is met, triggers the specified alarm action.

Data Options:

• Disabled—No alarm settings. This is the default.
• Inactive—When the expected Digital input is active, going inactive will trigger an alarm.
  • Active—When the expected Digital input is inactive, going active will trigger an alarm.

Default: Disabled

Digital Output

Overview

When the channel is set for digital output, either voltage is applied to the channel or the channel is grounded. Note that the internal jumpers must match the software setting and must be set to Output (by default, they are set to Input); see Digital I/O Module on page 431 to find out how to set the internal jumpers.

Functionality

The Digital output channels support three types of Digital output: sink (voltage), source (ground), and sink and source (apply voltage or ground). For the output type, you can configure the following options:

• You can choose to manually activate/deactivate the Digital output.
• You can choose to manually activate/deactivate the Digital output and then specify that the Digital output will either pulse (you get to specify the active and inactive pulse times) continuously or for a specified number of pulse counts.
• You can choose to manually activate/deactivate the Digital output and then specify a delay before the output goes from inactive to active or active to inactive.
• You can also specify a failsafe action that can either activate or inactivate the Digital output when the failsafe timer is triggered (see Failsafe Timer Functionality on page 181 for more information).

In an industrial freezer warehouse, the IOLAN D4 is used to monitor the freezer doors. When one of the industrial freezer doors are left open for more than five minutes, the Monitoring Application (using the Perle API) starts the Digital output sink, causing the strobe light on top of the offending freezer to activate.

graph LR
    A["Monitoring Application"] --> B["Network"]
    B --> C["IOLAN"]
    C --> D["Output"]
    C --> E["Input"]
    C --> F["Digital I/O"]
    F --> G["Industrial Freezers"]

Field Descriptions

Configure the following parameters:

Description Provide a description of the channel, making it easier to identify.

Data Options: Maximum 20 characters, including spaces

Output Mode

When selected, the channel will drive the line (output). The internal jumpers must match the software configuration, so if you change this setting to Output Mode, you will have to also change the internal hardware jumpers.

Default: Disabled

Type Specify the type of digital output.

Data Options:

• Sink—Specifies that the channel will be grounded when active.
• Source—Specifies that the channel will provide voltage when active.
• Sink and Source—Specifies that channel will be grounded when it is inactive and will provide voltage when it is active.

Default: Sink

Output Specify how the channel output will be handled.

Data Options:

• Manual—You must manually manipulate the channel output.
• Pulse—Activates and deactivates the channel output activity in intervals after it is manually activated.
• Inactive-to-Active Delay—The channel output will remain inactive for the specified time interval after it is manually started.
• Active-to-Inactive Delay—The channel output will go inactive after the specified time interval after it is manually started.

Default: Manual

Relay

Overview

Relay channels can open or close a contact for a higher voltage circuit using a lower level control voltage. The Relay output channels work as a physical on/off switch, and are used to drive higher voltage devices with a lower controlling voltage.

You can configure the following Relay output channel options:

• You can choose to manually activate/deactivate the Relay output.
• You can choose to manually activate/deactivate the Relay output and then specify that the Relay output will either pulse (you get to specify the active and inactive pulse times) continuously or for a specified number of pulse counts.
• You can choose to manually activate/deactivate the Relay output and then specify a delay before the output goes from inactive to active or active to inactive.
• You can also specify a failsafe action that can either active or inactivate the Relay output when the failsafe timer is triggered (see Failsafe Timer Functionality on page 181 for more information).

In an industrial freezer warehouse, the IOLAN A4R2 is used to monitor humidity transducers, which are used to help prevent freezer burn. If the humidity reaches a certain percentage (monitored by an Analog channel) a syslog message is sent to the Monitoring Application, causing the Relay channel to activate an internal freezer dehumidifier. The Relay channel is deactivated when the Analog channel sends a clear syslog message to the Monitoring Application and the Relay channel is deactivated.

graph LR
    A["Monitoring Application"] --> B["Network"]
    B --> C["A4D2 IOLAN"]
    C --> D["Relay I/O Relay"]
    D --> E["Relay"]
    E --> F["Industrial Freezers"]
    C --> G["Analog"]
    D --> H["Analog"]

Field Descriptions

Configure the following parameters:

Description Provide a description of the channel, making it easier to identify.

Data Options: Maximum 20 characters, including spaces

Output Specify how the channel output will be handled.

Data Options:

• Manual—You must manually manipulate the channel output.
- Pulse—Activates and deactivates the channel output activity in intervals after it is manually activated.
- Inactive-to-Active Delay—The channel output will remain inactive for the specified time interval after it is manually started.
• Active-to-Inactive Delay—The channel output will go inactive after the specified time interval after it is manually started.

Default: Manual

Pulse Mode When Output is set to Pulse, you can specify the manner of the pulse.

Data Options:

• Continuous—Continuously pulses active and inactive.
- Count—Pulses an active/inactive sequence for the specified number of times.

Default: Continuous

Pulse Count The channel output will pulse for the specified number of times; each count consists of an active/inactive sequence.

Default: 1

Inactive Signal How long the channel will remain inactive during pulse mode.

Range: 1-9999 x 100 ms

Default: 1 (100 ms)

Digital I/O Extension

Overview

The Digital I/O extension feature connects a digital input signal to digital output(s)/relay(s) and/or a TCP/IP application over an IP network. Therefore, when the state of the digital input changes, you can also change the state of the digital output or relay channel or output serial signal pin on a local I/O channel(s), other IOLAN I/O channels, other IOLAN serial signal pins, or the data can be sent to an application(s).

For example, when the door opens (I/O digital input sensor) in a factory, a light goes on in the reception office (remote IOLAN relay channel), and the door open/close is logged by an application on a remote host.

graph TD
    A["IOLAN"] --> B["Network"]
    B --> C["Reception"]
    C --> D["Remote Host"]
    E["Front Door"] --> A
    F["Warehouse"] --> C

Functionality

The Digital I/O extension feature requires the digital input to be connected to one or more digital outputs/relays (local or on another IOLAN model), output serial signal pins, and/or TCP/IP applications. In order to create a successful connection between the input and output or application, one side must be must be set to Listen for connection and the other side must be set to Connect to. When the state of an input channel changes, a message is sent to all sessions currently associated with that channel.

When the IOLAN is communicating to an application, there is no need for the output channel or application to respond to messages from the input channel. Each input channel is reported individually, so the receiving application gets the status only at the point at which the channel state has changed.

The message format (from input channel to output channel/application) consists of 20 bytes per status; 10 bytes are currently used and 10 are being reserved for future use.

- Message type: (1 Byte)

• 0 = Digital input status
• 1 = Serial I/O status

• Input number: (1 Byte)

• Digital input will be 1, 2, 3, or 4 to represent the channel number
• Serial I/O will be 5 = DSR, 6 = DCD, or 7 = CTS

• MAC Address of the IOLAN sending the input information. (6 Bytes)

• Current Alarm State: (1 Byte)

• 0 = Not in alarm
• 1 = In Alarm

• Current Status of Input: (1 Byte)

• 0 = Inactive for digital input.
  • 1 = Active for digital input.

- Reserved for future use. Reserved bytes will have the value 0x00. (10 Bytes)

Applications should be written in such a way so that they look at the Message type byte to determine the format of the message. If the application encounters a Message type it does not recognize, it should discard the message and read the next 20 byte block.

Field Descriptions

The Local connection option is different depending on whether you are configuring a Digital Input or a Digital Output/Relay channel. The Local connection option for Digital Input lists all the local Digital Output channels or output serial signal pins that it is associated with. Digital Input can be connected to multiple local Digital Output or Relay channels or output serial signal pins. However, a Digital Output can only be associated with one Digital Input channel or input serial signal pin. The Local connection option for Digital Output configures the specific local Digital Input channel or input serial signal pin on the same IOLAN that it is to be connected to.

For a description of the SSL/TLS parameters (not available when Local connection is configured), see SSL/TLS Settings Tab Field Descriptions on page 338.

Digital Input/DSR/DCD/CTS Digital Output/Relay/DTR/RTS

Configure the following parameters:

Enable I/O extension

When enabled, the digital channel can be connected to:

• A Digital output or relay (if the I/O model supports relay) channel on the same IOLAN
  • Output Serial Signal Pins (DTR/RTS)
• A Digital output channel on another IOLAN(s) or output serial signal pins (DTR/RTS) on another IOLAN(s)
  • A TCP/IP application(s) running on a host on the network

Default: Disabled

Listen for connection

When enabled, the channel/serial signal pin will wait for connections to be initiated by another I/O channel or a TCP/IP application.

Default: Enabled

Input TCP Port

The TCP port that the channel/serial signal pin will use to listen for incoming connections.

Default: 2000 for channel 1, then increments by one for each channel

Adding/Editing Additional Hosts

You can define a list of hosts that the I/O channel will communicate to or a primary/backup host.

Configure the following parameters:

Adding/Editing a Multihost Entry

When you click the Add or Edit button, the Host Entry window appears. The hosts in the multihost list must already be defined (see Host Table on page 111 to learn how to create a host). If you add a host that was defined with its fully qualified domain name (FQDN), it must be resolvable by your configured DNS server.

Configure the following parameters:

Host Name Specify the preconfigured host that will be in the multihost list.

Default: None

TCP Port

Specify the TCP port that the I/O channel or serial signal pin will use to communicate to the Host.

Default: 0

Temperature

Temperature input channels monitor RTD or thermocouple temperature sensors inputs for the most common ranges. You can also configure severity alarms that can send an email, a syslog message, and/or an SNMP trap when an alarm is triggered or cleared; See Alarm Settings on page 203 for more information about the alarms.

RTD ranges are:

IEC RTD 100 ohms.=0.00385

JIS RTD 100 ohms.=0.00392

Thermocouple ranges are:

In the following example, a Temperature I/O IOLAN is used to monitor industrial freezer temperature sensors, with an alarm set to send a syslog message if the temperature rises above 31^ C.

graph TD
    A["Monitoring Application"] -->|Network| B["IOLAN"]
    B --> C["Temperature I/O"]
    B --> D["Industrial Freezers"]
    B --> E["Industrial Freezers"]

Field Descriptions

Configure the following parameters:

Description Provide a description of the channel, making it easier to identify.

Data Options: Maximum 20 characters, including spaces

Type Specify the type of sensor you are using to measure temperature.

Data Options: RTD, Thermocouple

Default: RTD

Range Specify the temperature range that you want to measure.

Data Options:

• RTD—Pt100 a=385 -50 to 150C, Pt100 a=385 0 to 100C, Pt100 a=385 0 to 200C, Pt100 a=385 0 to 400C, Pt100 a=385 -200 to 200C, Pt100 a=392 -50 to 150C, Pt100 a=392 0 to 100C, Pt100 a=392 0 to 200C, Pt100 a=392 0 to 400C, Pt100 a=392 -200 to 200C, Pt1000 a=385 -40 to 160C, NiFe604 a=518 -80 to 100C, NiFe604 a=518 0 to 100C
• Thermocouple—B 500 to 1800C, E 0 to 1000C, J 0 to 760C, K 0 to 1370C, R 500 to 1750C, S 500 to 1750C, T -100 to 400C

Default: RTD is Pt100 a=385 -50 to 150C. Thermocouple is J 0 to 760C.

Alarm Settings Button Click the Alarm Settings button to specify the trigger and clear levels for the alarms. Notice that the Analog Alarm Settings window has two alarm configuration views, a basic alarm view and an advanced alarm view.

See Alarm Settings on page 203 for field descriptions.

Alarm Settings

Analog and Temperature input models support an Alarm mechanism in which you can specify up to five severity levels of alarm triggers and clear levels; the alarm triggers/clear levels can activate in either increasing or decreasing severity levels.

Each time an alarm is triggered or cleared, you can specify any combination of the following to be initiated:

• An SNMP trap
  • An email message
  • A message to syslog

Basic Analog Alarm Settings

The basic Analog Alarm Settings window allows you to configure one severity alarm, whereas the advanced window allows you to configure up to five severity alarm levels.

Configure the following parameters:

Trigger alarm when specify the value that will trigger an alarm, the measurement is based on the input value is Type and Range that you specify. This value must not fall within the scope of the value used to clear an alarm.

Clear alarm when input value is Specify that value that will clear an alarm, the measurement is based on the Type and Range that you specify. This value must not fall within the scope of the value used to trigger an alarm.

Send Email Alert When enabled, sends an email alert to an email account(s) set up in the System settings when an alarm is triggered or cleared. The email alert data includes the severity level and the value that caused the alarm to trigger or clear. The Email Alert is associated with Level Critical.

Default: Disabled

Send Syslog Alert

When enabled, sends a message to syslog when an alarm is triggered or cleared. The syslog entry includes the severity level and the value that caused the alarm to trigger or clear. The syslog message is associated with Level Critical.

Default: Disabled

Send SNMP Alert

When enabled, sends an SNMP trap when an alarm is triggered or cleared. The trap consists of the severity level and whether the alarm was triggered or cleared.

Default: Disabled

Advanced Analog Alarm Settings

The advanced Analog Alarm Settings window expands the basic alarm settings options to up to five severity levels.

Configure the following parameters:

Trigger Type

If the Trigger Type is Low, an alarm is triggered when the input drops below the specified Trigger value; other severity level trigger values must decrease in value with each subsequent level. If the Trigger Type is High, an alarm is triggered when the input is higher than the specified Trigger value; other severity level trigger values must increase in value with each subsequent level.

Clear Mode

To clear an alarm, the input must drop below the specified value when Trigger Type is High or go above the specified value when Trigger Type is Low.

Level 1-5

Defines the Level severity settings for up to five levels. If the Trigger Type is Low, an alarm is triggered when the input drops below the specified Trigger value; other severity level trigger values must decrease in value with each subsequent level. If the Trigger Type is High, an alarm is triggered when the input is higher than the specified Trigger value; other severity level trigger values must increase in value with each subsequent level.

I/O UDP

Industrial applications often monitor the status of I/O devices such as sensors, alarms, relays, etc. by polling for I/O data. The IOLAN's I/O UDP feature can help to minimize network traffic by broadcasting I/O status to industrial applications on specified intervals, providing I/O status in a timely manner.

The IOLAN's I/O UDP broadcast feature sends the status of attached I/O devices to defined hosts on the network. Depending upon the IOLAN model and the configuration of the I/O channels, the UDP packet contains the current status and/or data of each enabled I/O channel or serial pin signal.

UDP Unicast Format

PC applications must be able to interpret the UDP packet to obtain I/O channel status and data. This section provides the detailed structure of the UDP datagram and its data format.

UDP Broadcast Packet

Each section, with the exceptions of the Version and Total Packet Length sections, is comprised of its own subset of bytes.

Note: All 2 byte values are in big Endian (network) order. All 4 byte values are IEEE 754 single precision floating point numbers in big Endian (network) order.

• Version—The current version of the format of I/O UDP broadcast packet.
  • Total Packet Length—The total length of the UDP packet.
• Analog Section—The Analog Section of the UDP packet, which contains data/status of the Analog I/O channels. The Analog Channel Data subsection (within the Analog Section) will only exist if the channel(s) is enabled.
• Digital/Relay Section—The Digital/Relay Section of the UDP packet, which contains status of Digital and Relay I/O channels. The Channel Data subsection within the Digital/Relay Section will always be present.
• Serial Pin Signal Section—The Serial Pin Signal Section of the UDP packet, which contains the status of the IOLAN's serial port's control signal pins. The Serial Pin Signal Data subsection within the Serial Signal Pins Section will always be present.

Analog Section

The Analog Section of the UDP packet is comprised of I/O data for each enabled Analog channel.

If the IOLAN I/O model does not support Analog channels, the Analog Channel Data subsection of the Analog Section will NOT be present in the UDP packet.

• Section Length—The total length of the Analog section (this value will vary, the field length is 2 Bytes). This value will vary because it will contain one Analog Channel Data subsection (18 bytes) for each Analog channel that is enabled.
• Channel Enabled—The Channel Enabled field is 1 byte in least significant bit order, for each channel. If the channel is enabled, the bit is set to 1. If the channel is disabled, the bit is set to 0 (zero).

- Analog Channel Data—Consists of Analog Channel Data for each enabled Analog channel on the IOLAN. If an Analog channel is disabled, there is no data for that channel. Therefore, the Analog Section will contain the Section Length value, the Channel Enabled value, and 18 bytes of I/O data for each enabled Analog channel. For example, an IOLAN I/O model with four Analog channels that has only three of those Analog channels enabled will contain 54 bytes of Analog Channel Data (18 bytes * 3 Analog channels).

The following values make up the Analog Channel Data for each enabled Analog channel:

• curRawValue—The current raw value received by the channel.
• minRawValue—The minimum raw value received by the channel until it is cleared.
• maxRawValue—The maximum raw value received from the channel until it is cleared.
• curEngValue—The current raw value that has been converted to voltage/current for Analog or Celsius/Fahrenheit for Temperature.
• minEngValue—The minimum raw value that has been converted to voltage/current for Analog or Celsius/Fahrenheit for Temperature until it is cleared.
• maxEngValue—The maximum raw value that has been converted to voltage/current for Analog or Celsius/Fahrenheit for Temperature until it is cleared.

Digital/Relay Section

The Digital/Relay Section of the UDP packet provides the status of Digital and Relay channels. The data for the status of each channel is represented by 1 byte, with each bit representing a channel (least significant bit format).

The Digital/Relay Channel Data subsection is present in the UDP packet regardless of whether or not the IOLAN model supports Digital/Relay channels.

• Length—The length of Digital/Relay Section within the UDP packet (this value will always be 2 Bytes).
• Channel Enabled—This is based on the configuration of the Digital/Relay channels. The Channel Enabled field is 1 byte in least significant bit order, for each channel. If the channel is enabled, the bit is set to 1. If the channel is disabled, the bit is set to 0 (zero).

- Digital/Relay Channel Data—Each bit represents a channel status, 1 for on or 0 for off (unless the channel has been configured to be inverted, in which case 0 is on and 1 if off).

Serial Pin Signal Section

The Serial Pin Signal Section of the UDP packet provides the status of the serial pin signals from the IOLAN's serial port. Each serial pin signal (DSR, DTR, CTS, etc.) is mapped to a bit in the 1-byte data section.

The Serial Pin Signal Data subsection is present in the UDP packet regardless of whether or not the serial port is configured for the Control I/O profile or the serial pin signals are enabled.

• Length—The total length of the Serial Pin Signal Data (this value will always be 2 Bytes).
• Pin Enabled—This based upon the configuration of the signal pins on the serial port. When the serial port profile is set to Control I/O and a serial pin signal(s) is enabled, the bit is set to 1. For any serial pin signals that are disabled, the bit is set to 0 (zero) and any data associated with those serial pin signals should be ignored.

- Serial Pin Signal Data—1 byte with each bit being set to high (1) or low (0) for the appropriate serial pin signals.

UDP Unicast Example

For an example of the I/O UDP unicast, see the sample program, ioudpbcast.c, found on your CD-ROM.

I/O Modbus Slave

If you have a Modbus serial or TCP application, it can access I/O connected to the IOLAN when the I/O Global Modbus Slave is enabled. You must supply a unique UID for the IOLAN, as it will act as a Modbus Slave.

There are three ways your Modbus Application can connect to the IOLAN to access I/O.

Modbus Serial Application Connected to the Serial Port

Your Modbus serial application can be connected right to the IOLAN serial port to access I/O.

graph LR
    A["PC running a Modbus Serial Application"] -->|Serial| B["IOLAN"]
    B --> C["Power"]
    B --> D["I/O Digital Output"]
    B --> E["UD: 15"]

Modbus Serial Application Connected to the Network

If you want to access the I/O from a LAN connection, you can install TruePort on the PC running the Modbus serial application as described in TruePort I/O on page 215 and connect to the IOLAN over the network.

graph LR
    A["PC running a Modbus Serial Application"] --> B["Network"]
    B --> C["IOLAN"]
    C --> D["I/O Digital Output"]
    C --> E["Power"]
    C --> F["15"]

Modbus TCP Application

If you have a Modbus RTU or Modbus ASCII program, you can access the I/O by connecting to the IOLAN over the network.

The section defines the function codes and registers you will need to access the I/O through Modbus TCP, Modbus serial, or Modbus serial/TruePort.

Function Codes

The following function codes are supported by the IOLAN:

• 01 read coils
  • 03 read multiple holding registers
  • 04 read input registers
• 05 write coil
  • 06 write single register
  • 08 diagnostics (echo the request)
  • 15 force multiple coils
  • 16 write multiple registers

There are four Modbus data models:

All coil/register values are in decimal.

I/O Coil/Register Descriptions

This section contains descriptions of I/O coils:

• MB_REG_DI_SENSOR—Status of Digital input. 1 is Active, 0 is Inactive. If Invert Signal is configured on, 0 is Active, 1 is Inactive. If input is Latched, returns latched status.
• MB_REG_DI_SENSOR_ALARM_STATE—Indication if input is in alarm state. 1 is In Alarm state, 0 is Not in Alarm state. A write of any value clears the alarm state.
• MB_REG_DO_SENSOR—Status of Digital output. 1 is Active, 0 is Inactive. If Invert Signal is configured on, 0 is Active, 1 is Inactive.

This section contains descriptions of I/O holding registers:

• MB_REG_HR_DI_SENSOR_LATCH—The latch status of the Digital input. 1 is Latched, 0 is Not latched. A write of any value will clear the latch.
• MB_REG_HR_DO_SENSOR_PULSE_ISW—Inactive Signal Width. This is how long the channel will remain inactive during pulse mode in increments of 100ms. Valid values are 1-9999. The default is 1 (100 ms).
• MB_REG_HR_DO_SENSOR_PULSE_ASW—Active Signal Width. This is how long the channel will be active during the pulse mode in increments of 100ms. Valid values are 1-9999. The default is 1 (100 ms).
• MB_REG_HR_DO_SENSOR_PULSE_COUNT—The number of times the channel output will pulse. Each count consists of an active/inactive sequence. The default is 1 cycle.
• MB_REG_HR_AI_CLEAR_ALARM_LATCH—Used to reset a latched alarm state. A write of any value will clear the alarm latch for the specific Analog input.
• MB_REG_HR_AI_CLEAR_MAX—Used to reset the Analog input maximum value reached. A write of any value will reset the maximum.
• MB_REG_HR_AI_CLEAR_MIN—Used to reset the Analog input minimum value reached. A write of any value will reset the minimum.

This section contains descriptions of I/O input registers:

• MB_REG_IR_CURR_ENG—The current value of an Analog or Temperature input converted to appropriate units. For Analog, this will be in voltage or current, depending on the configuration. For the Temperature, this value will be in Celsius or Fahrenheit, depending on configuration.
• MB_REG_IR_MIN_ENG—The minimum converted value ever reached on this input since the IOLAN was re-started or a manual clear was issued.
• MB_REG_IR_MAX_ENG—The maximum converted value ever reached on this input since the IOLAN was re-started or a manual clear was issued.
• MB_REG_IR_CURR_RAW—The current raw value received from the Analog to Digital converter. This is a hexadecimal value in the range of 0 -0xFFFF.
• MB_REG_IR_MIN_RAW—The minimum raw value ever reached on this input since the IOLAN was re-started or a manual clear was issued.
• MB_REG_IR_MAX_RAW—The maximum converted value ever reached on this input since the IOLAN was re-started or a manual clear was issued.
• MB_REG_IR_ALARM_LEVEL—This gives the current alarm severity level for the corresponding Analog input. Severity levels range from 0 (not in alarm) to 5 (highest alarm severity).

Serial Port Coil/Register Descriptions

This section contains descriptions of serial port coils:

• MB_REG_DI_DSR—The status of the DSR input signal. 1 is Active, 0 is Inactive. If Invert Signal is configured on, 0 is Active, 1 is Inactive. If input is Latched, returns latched status.
• MB_REG_DI_DSR_ALARM_STATE—The alarm state of DSR input signal. 1 is In Alarm state, 0 is Not in Alarm state. A write of any value clears the alarm state.
• MB_REG_DI_DCD—The status of DCD line. 1 is Active, 0 is Inactive. If Invert Signal is configured on, 0 is Active, 1 is Inactive.
• MB_REG_DI_DCD_ALARM_STATE—The alarm state of DCD input signal. 1 is in Alarm state, 0 is Not in Alarm state. A write of any value clears the alarm state.
• MB_REG_DI_CTS—The status of CTS input signal. 1 is Active, 0 is Inactive. If Invert Signal is configured on, 0 is Active, 1 is Inactive.
• MB_REG_DI_CTS_ALARM_STATE—The alarm state of CTS input signal. 1 is Alarm, 0 is Not in Alarm. A write of any value clears the alarm state.
• MB_REG_DO_DTR—The status of DTR output signal. 1 is Active, 0 is Inactive.
• MB_REG_DO_RTS—The status of RTS output signal. 1 is Active, 0 is Inactive.

This section contains descriptions of serial port holding registers:

• MB_REG_HR_DI_DSR_LATCH—The latched status for the DSR signal. 1 is Latched, 0 is Not Latched. A write any value will clear the latch.
• MB_REG_HR_DI_DCD_LATCH—The latched status for the DCD signal. 1 is Latched, 0 is Not Latched. A write any value will clear the latch.
• MB_REG_HR_DI_CTS_LATCH—The latched status for the CTS signal. 1 is Latched, 0 is Not Latched. A write any value will clear the latch.

A4/T4 Registers

The following registers are supported by the IOLAN A4 and T4 Input models:

A4D2/A4R2 Registers

The following coils and registers are supported by the IOLAN A4D2 and A4R2 I/O models:

*For DI alarm state, read will get state, write will clear alarm.

D4/D2R2 Registers

The following coils and registers are supported by the IOLAN D4 and D2R2 I/O models:

*For DI alarm state, read will get state, write will clear alarm.

Serial Pin Signals

The following coils and registers are supported by the IOLAN I/O models:

TruePort I/O

You can see a sample API I/O over TruePort program called ioapiotp.c on the CD-ROM.

TruePort/Modbus Combination

If you have a Modbus serial application running on a PC that is connected to a network, you can use TruePort as a virtual serial connection to communicate with the IOLAN over the network to access I/O data. You also have the option of enabling SSL as a security option to encrypt the data that is communicated between the IOLAN and the host machine (SSL/TLS must be configured in the Server settings and on the TruePort host).

graph LR
    A["PC running a Modbus Serial Application/TruePort"] --> B["Network"]
    B --> C["IOLAN"]
    C --> D["I/O Digital Output"]
    C --> E["Power"]
    C --> F["UID: 15"]

The host running TruePort must be in Modbus/ASCII or Modbus/RTU mode.

API Over TruePort Only

If you have a custom application that talks to a serial port, you can use TruePort as a virtual serial port to communicate with the IOLAN over the network to access I/O data using the Perle API. You also have the option of enabling SSL as a security option to encrypt the data that is communicated between the IOLAN and the host machine (SSL/TLS must be configured in the Server settings and on the TruePort host). See Accessing I/O Data Via TruePort on page 217 for more information on the API.)

The host running TruePort must be in I/O API mode.

Accessing I/O Data Via TruePort

Introduction

Analog and Digital I/O data, as well as output control, can be accessed in several ways. To have access from an application running on a workstation or server, the I/O Applications Program Interface (API) provided within Trueport can be used. This API uses a command/response format to get or set data on each individual I/O channel register. A sample program (ioapiotp.c) demonstrating typical usage can be found on the IOLAN product CD-ROM.

Setup

After TruePort has been properly installed and configured on the workstation or server and initiated from the application, it will setup a connection to the appropriate IOLAN. It will then be available to relay commands to the IOLAN and communicate responses back the application. TruePort will create a COM port to which the application can write commands to and read responses from. Since all communications are done via this COM port, the application need only use standard serial communication interface calls.

The following steps should be taken:

1. Install the Trueport software on the server or workstation on which the application will be running.

2. Configure the virtual communication port (COM) (see Trueport User Guide for details).

3. Run the application. Typically the application will:

a. Open the COM port.

b. Send Commands to the COM port using standard write commands.

c. Read Responses from the COM port using standard read commands.

All commands are forwarded to the IOLAN over the network where the specific I/O channel registers are modified or read, and then responses are sent back to TruePort where they will be made available to be read from the COM port.

d. Once the desired operations are completed, the COM port can be closed.

Format of API Commands

There are two groups of commands:

• Get Commands—Retrieve values of the I/O channel registers
• Set Commands—Set values on the I/O channel registers.

All commands need to be written to the COM port as a single write.

I/O Channel registers are all assigned unique addresses, which need to be referenced in all of the commands. Please refer to the documentation specific you the applicable mode, for the list and addresses of all the registers.

Get Commands

The following tables show the general structure to be used for Get commands.

Note: Numeric values provided in the API documentation are in Hexadecimal (Hex) format.

Command Format

Response Format

Example 1: Read the status of the first digital input (DI1) on a D2R2 unit.

DI1 sensor is a coil register with the decimal value of 6145 (hex 0x1801).

Request: 0x01 0x18 0x01 0x00 0x01

Response: 0x01 0x01 0x01 (Digital input 1 is active)

Example 2: Read the values for the Inactive Signal Width, Active Signal Width, and Pulse count for the second digital output (DO2) on a D4 unit.

DO2, Inactive Signal Width is a holding register with the decimal value of 6210 (hex 0x1842).

Request: 0x03 0x18 0x42 0x00 0x03

Response: 0x03 0x06 0x00 0x0A 0x00 0x11 0x00 0x0F

(Inactive = 10*100ms, Active = 17*100ms, and Pulse count = 15)

Example 3: Read the raw current, minimum and maximum values of the third Analog input (A3) on an A4D2 unit.

A3 current raw value is an input register with the decimal value of 2150 (hex 0x0866).

Request: 0x04 0x08 0x86 0x00 0x03

Response: 0x04 0x06 0x10 0x03 0x0F 0x30 0x10 0x20

(Current = 0x1003, Minimum = 0x0F30, and Maximum = 0x1020)

Set Commands

The following tables show the general structure to be used for set commands.

Numeric values provided in the API documentation are in Hexadecimal (Hex) format.

Command Format

Successful Response Format

4 2 Number of registers written.

Unsuccessful Response Format

Example 1: Turn on the first relay on a D2R2 unit.

The first relay (R1) is a digital out coil register with a decimal value of 6659 (hex 0x1A03).

Request: 0x0F 0x1A 0x03 0x00 0x01 0x01 0x01

Response: 0x0F 0x1A 0x03 0x00 0x01

Example 2: Turn on the first and second relay on a D2R2 unit.

The first relay (R1) is a digital out coil register with a decimal value of 6659 (hex 0x1A03).

Request: 0x0F 0x1A 0x03 0x00 0x02 0x01 0x03 (03 = "00000011" which sets R1 and R2 to 1)

Response: 0x0F 0x1A 0x03 0x00 0x02

Note: When reading or writing consecutive “Boolean” (coils) registers, the values of the registers are combined into a single byte as shown by the example above. Two registers (coils) are being written but the length of the data is 1 byte. The one byte contains the value for both registers as follows:

Error Codes

I/O SNMP Traps

When you enable SNMP traps for Digital and Analog inputs, a value is returned when an alarm triggers or clears. This section decodes the SNMP specific trap numbers. The value returned from the trap will be the I/O channel number that is generating the trap.

Configuring the Option Card

Introduction

SCS models have a built-in option card slot that supports one of the following options cards (purchased separately):

Perle IOLAN modem card

PCMCIA Wireless Wan card

USB modem card

Fiber optic card offered in Fast Ethernet or Gigabit speeds.

Perle PCI Adapter card for use with a user supplied USB modem card.

Perle PCI Adapter card for use with a user supplied wireless WAN card.

Option Card Settings

Overview

The Option Card settings allow you to configure the option card slot for the specific card being installed in the unit.IOLAN.

Functionality

In order to activate the “option card” you must install the card into the PCI slot of the IOLAN and configure the operating parameters.

To install the option card, please follow the instruction IOLAN described in Installing a Perle PCI Card.

Configuring the IOLAN Modem Card

The IOLAN Modem card Configure button automatically takes you to the Terminal serial port profile, although you can set and configure any serial port profile appropriate for modem use. See the Chapter E, Configuring Serial Ports for information on the configuration options for the serial port profile that fits your modem usage.

Configuring a Wireless (PCMCIA) WAN Card

Overview

SCS IOLAN models support a wireless WAN card that can be installed to permit access to the IOLAN via the internet or other WAN network. If you are using a USB modem, please see Configuring a USB Modem . When the PCI card type has been configured to be a Wireless WAN card, the serial port associated with the wireless WAN card is automatically set to PPP. No other PPP configuration is typically required. The wireless WAN card will establish a GPRS data connection over the service provider's GSM network. The service provider will assign an IP address to your wireless connection. This address may be public or private and it may be dynamically or statically assigned, depending on the type of account established with the service provider. If a static, public IP address has been assigned, the IOLAN will be directly accessible via that IP address. If a dynamic, public IP address has been assigned, you may access your IOLAN with the assistance of a dynamic DNS service provider. These service providers provide a method of accessing your device server using a standard URL (for example, yourcompany.dyndns.org), when the IP address assigned by the Wireless provider is dynamic. The IOLAN SCS supports dynamic DNS updates to DynDNS.com (see www.DynDNS.com for more information).

Field Descriptions

Configure the following parameters:

Card Specify the wireless WAN card you are using.

Data Options:

• Sierra Wireless AirCard 881—You are using a Sierra Wireless AirCard 881 WAN card.
• Sony Ericsson PC300—You are using a Sony Ericsson PC300 wireless WAN card.
• Sierra Wireless—You are using a Sierra wireless WAN card.
• Sony Ericsson—You are using a Sony Ericsson wireless WAN card.
• Use Standard Driver—If the wireless WAN card you are using is not listed, try the standard driver.
• Use Custom Driver—A custom driver downloaded from the Perle website.

Default: Sierra Wireless AirCard 881

APN Specify the APN required by your internet provider to access their network. See the internet provider documentation for more information.

User Name Specify the name required by your internet provider to access their network.

Password Specify the password required by your internet provider to access their network.

Phone Number Specify the phone number provided by your service provider to access their wireless network.

Field Format: Probably similar to *99***1#

Initialization String Specify the initialization string required by your internet service provider for your wireless modem.

When you click the Advanced button, the Remote Access (PPP) profile is displayed. The wireless WAN card uses PPP to communicate with its wireless provider. See Remote Access (PPP) Profile for information on how to configure PPP.

Configuring a USB Modem

Overview

SCS IOLAN models support a USB Wireless Modem that can be installed to permit access to the IOLAN via the internet or other WAN network. If you are using a PCMCIA Wireless Card, See Configuring a Wireless (PCMCIA) WAN Card. When the PCI card type has been configured to be USB, the serial port associated with the USB Modem is automatically set to PPP. No other PPP configuration is typically required. The USB Modem will establish a GPRS data connection over the service provider's GSM network. The service provider will assign an IP address to your wireless connection. This address may be public or private and it may be dynamically or statically assigned, depending on the type of account established with the service provider. If a static, public IP address has been assigned, the IOLAN will be directly accessible via that IP address. If a dynamic, public IP address has been assigned, you may access your IOLAN with the assistance of a dynamic DNS service provider. These service providers provide a method of accessing your device server using a standard URL (for example, yourcompany.dyndns.org), when the IP address assigned by the Wireless provider is dynamic. The IOLAN SCS supports dynamic DNS updates to DynDNS.com (see www.DynDNS.com for more information).

Field Descriptions

Configure the following parameters:

APN Specify the APN required by your internet provider to access their network. See the internet provider documentation for more information.

User Name Specify the name required by your internet provider to access their network.

Password Specify the password required by your internet provider to access their network.

Phone Number Specify the phone number provided by your service provider to access their wireless network.

Field Format: Probably similar to *99***1#

Initialization String Specify the initialization string required by your internet service provider for your wireless modem.

PIN If you have locked your SIM using a PIN, you must enter this PIN here in order to allow the IOLAN to access it. If you have never locked your SIM card, leave this field blank. You can enter up to 8 digits for the PIN.

When you click the Advanced button, the Remote Access (PPP) profile is displayed. The USB modem uses PPP to communicate with its wireless provider. See Remote Access (PPP) Profile for information on how to configure PPP.

Configuring a Fiber Optic Card

Overview

SCS IOLAN models support the ability to replace the second Ethernet interface with a fiber optic connection.

Field Descriptions

Configure the following parameters:

Card

Specify the type of fiber card you will be using.

• KTI KG-500F—Gigabit fiber card.
• Transition Networks N-FX-SC5-02—100MB card.

The type selected must match the card installed in the PCI slot.

No additional configuration is required for the fiber card.

The fiber card will now replace the second Ethernet interface on the unit. All configuration parameters related to "Interface 2" will now apply to the fiber card. If the options card configuration is changed to "None" or the card is removed from the PCI slot, the second Ethernet interface will be come active again using the configuration parameters for "Interface 2".

Configuring Clustering

Introduction

Clustering is a way to provide access to the serial ports of many IOLANs through a single IP address.

Clustering Slave List

Overview

The IP address that will be used to access all clustered serial ports will be that of the Master IOLAN in the cluster. All other IOLANs in the cluster will be referred to as Slave IOLANs. Users can also access slave serial ports using EasyPort Web; EasyPort Web is automatically launched when a user types in the IP address of the Master IOLAN in a web browser. If the user has Admin privileges, the WebManager will first be displayed with an option to proceed to EasyPort Web.

The Clustering Slave List window displays the slave IOLAN entries and the number of ports on those slave IOLANs.

No special configuration is required on the Slave IOLANs to enable this functionality.

The following buttons are available:

Adding Clustering Slaves

Overview

When you add a clustering slave IOLAN entry, you are adding the IOLAN that users will access through this master IOLAN.

Field Descriptions

Configure the following parameters:

Advanced Clustering Slave Options

Overview

The Advanced button provides a means of configuring each individual serial port's name, connection protocol, and port association in the clustered IOLAN slave. The Clustering Slave Settings window displays each clustered serial port slave entry, you need to click the Edit button to configure the individual serial port settings.

If you click the Retrieve Port Names button, the DeviceManager will connect to the clustering slave IOLAN and download all the serial port names--you can change the names and other settings when you click the Edit button.

Editing Clustering Slave Settings

Change the individual serial port settings Slave Port Settings window.

Configure the following parameters:

Port Name Specify a name for the port.

Default: A combination of the port number, the @ symbol, and the IP address; for example, port1@172.22.23.101.

Slave TCP Port Specify the TCP Port number configured on the Slave IOLAN that is associated to the port number you are configuring.

Range: 1-99999

Master TCP Port Specify the TCP port number you want to map to the Slave IOLAN TCP Port. User's will use this TCP port number to access the Slave IOLAN's port.

Default: 1024, and then increments by one for each new slave entry

Protocol Specify the protocol that will be used to access the port.

Data Options: SSH, Telnet

Default: Telnet

Configuring the System

Introduction

This chapter describes the alerts (email and syslog) that can be configured for the IOLAN and the advanced options (SNMP, time, custom applications/plugins, and other miscellaneous configuration options) that you will want to look at to see if they are required for your implementation.

Alerts

Email Alerts

Overview

Email notification can be set at the Server and/or Line levels. You can set email notification at these levels because it is possible that the person who administers the IOLAN might not be the same person who administers the serial device(s) attached to the IOLAN port. Therefore, email notification can be sent to the proper person(s) responsible for the hardware.

Functionality

Email notification requires an SMTP host that is accessible by the IOLAN to process the email messages sent by the IOLAN. When you enable email notification at the Server level, you can also use those settings at the serial port level, or you can configure email notification specifically for each serial port. When you choose an event Level, you are selecting the lowest notification level; for example, if you select Level Error, you will get notifications for all events that trigger Error, Critical, Alert, and Emergency messages. The level order, from most inclusive to least inclusive, is as follows: Debug, Info, Notice, Warning, Error, Critical, Alert, Emergency.

The following events trigger an email notification on the System for the specified Level:

• Reboot, Alert Level
  • IOLAN System Failure, Error Level
  • Authentication Failure, Notice Level
• Successful Login, Downloads (all), Configuration Save Commands, Info Level

Field Descriptions

Configure the following parameters:

Enable Email Alert Enables/disables a global email alerts setting. Even if this option is disabled, you can still configure individual serial port email alerts. When this option is enabled, individual serial ports can inherit these email alerts settings.

Default: Disabled

Level Choose the event level that triggers an email notification.

Data Options: Emergency, Alert, Critical, Error, Warning, Notice, Info, Debug Default: Emergency

To An email address or list of email addresses that will receive the email notification.

Subject A text string, which can contain spaces, that will display in the Subject field of the email notification.

From This field can contain an email address that might identify the IOLAN name or some other value.

Reply To The email address to whom all replies to the email notification should go.

Outgoing Mail Server The SMTP host (email server) that will process the email notification request. This can be either a host name defined in the IOLAN host table or the SMTP host IP address.

HTTP Tunnel Specify the HTTP tunnel to be used for this connection.

Username If your mail server requires you to authenticate with it before it will accept email messages, use this field to configure the authorized user name. Maximum size of user name is 64 characters.

Password Enter the password associated with the user configured in "Username". Maximum size of password is 64 characters.

Encryption Choose the type of encryption desired. Valid options are;

None - All information is sent in the clear.

SSL - Select this if your email server requires SSL.

TLS - Select this if your email server requires TLS

Verify Peer Certificate When checked this will enable the validation of the certificate presented by the email server. To validate the certificate, you will need to download the

When checked this will enable the validation of the certificate presented by the email server. To validate the certificate, you will need to download the appropriate CA list into the IOLAN. If the certificate is not found to be valid, the communication with the email server will be terminated. No authentication will take place and the email message will not be forwarded to the email server. If this option is not checked, the certificate validation will still be attempted but if it fails, a syslog message will be generated but the authentication and forwarding of the email will still take place.

Default: Enabled if SSL or TLS encryption is selected. Disabled if no encryption is selected.

TCP Port This is the TCP port used to communicate with the email server.

Default: 25 for non-SSL, 465 if SSL/TLS is used

NTLM Domain This field is only used if SPA authentication is performed with the email server. It may or may not be required. If the email server does not expect this field, it can be left blank.

Syslog

Overview

The IOLAN can be configured to send system log messages to a syslog daemon running on a remote host if the Syslog service is activated. You can configure a primary and secondary host for the syslog information and specify the level for which you want syslog information sent.

You must ensure that the Syslog Client service in the Security, Services window is enabled (by default it is enabled) for these settings to work.

Field Descriptions

Configure the following parameters:

Management

SNMP

Overview

If you are using SNMP to manage/configure the IOLAN, or to view statistics or traps, you must set up a User in SNMP version 3 or a Community in SNMP version 1.2 to allow your SNMP manager to connect to the IOLAN; this can be done in the DeviceManager, WebManager, CLI, or Menu. You must then load the perle-sds.MIB (found on the CD-ROM packaged with the IOLAN) file into your SNMP manager before you connect to the IOLAN.

Ensure that the SNMP service found in the Security, Services page is enabled (by default it is enabled).

SNMP Tab Field Descriptions

Configure the following parameters:

Contact The name and contact information of the person who manages this SMNP node.

Location The physical location of the SNMP node.

Community The name of the group that devices and management stations running SNMP belong to. Community only applies to SNMP v1 and v2c

Permissions Permits the IOLAN to respond to SNMP requests.

Data Options:

• None—There is no response to requests from SNMP.
• Readonly—Responds only to Read requests from SNMP.
• Readwrite—Responds to both Read and Write requests from SNMP.
  Default: None

V3 Read-write User This user can view and edit SNMP variables.

V3 Read-Only User This user can only read SNMP variables.

V3 Read-Only Security Level Select the security level for the Read-Only user. This must match the configuration set up in the SNMP manager.

Data Options:

• None—No security is used.
• Auth—User authentication is used.
• Auth/Priv—User authentication and privacy (encryption) settings are used.

Default: None

V3 Read-Only Auth Specify the authentication algorithm that will be used for the read-only user.

Algorithm

Data Options: MD5, SHA

Default: MD5

V3 Read-Only Auth Type in the read-only user's authentication password.

Password

V3 Read-Only Retype the user's authentication password.

Confirm Password

V3 Read-Only Specify the read-only user's privacy algorithm (encryption).

Privacy Algorithm Data Options: DES, AES

Default: DES

V3 Read-Only Type in the read-only user's privacy password.

Privacy Password

V3 Read-Only Retype the privacy password.

Confirm Password

SNMP Traps Tab Field Descriptions

Configure the following parameters:

Trap checkbox

Check this box to enable the entry of the trap information.

Internet Address The IP address of the SNMP manager(s) that will receive messages from the IOLAN.

Field Format: IPv4 or IPv6 address

Data Options:

• None—No security is used.
- Auth—Trap authentication is used.
- Auth/Priv—Trap authentication and privacy (encryption) settings are used.

Time

Overview

You can set standard and summer time (daylight savings time) in the IOLAN. You can specify the summer time settings as absolute, on a fixed date and time, or relative, on something like the third day of the third week at this time in June.

Functionality

The IOLAN has a real-time internal clock, allowing the date and time to be set and viewed. It will maintain the time over a short power outage and after reboots of the IOLAN. If you do not set the time, it will start the clock at the factory set time.

When you set the IOLAN's time, the connection method and time zone settings can affect the actual internal clock time that is being set. For example, if you are connecting to the IOLAN through the DeviceManager and your PC's time zone is set to Pacific Standard Time (GMT -8:00) and the IOLAN's time zone is set to Eastern Standard Time (GMT -5:00), the IOLAN's time is actually three hours ahead of your PC's time. Therefore, if you set the IOLAN's time to 2:30 pm in the DeviceManager, the IOLAN's actual internal clock time is 5:30 pm. This is the only configuration method that interprets the time and converts it between time zones, as necessary.

Network Time Tab Field Descriptions

You can configure your NTP/SNTP client in the IOLAN to automatically synchronize the IOLAN's time.

Configure the following parameters:

NTP/SNTP Mode The NTP/SNTP mode.

Data Options:

• None—NTP/SNTP is turned off.
- Unicast—Sends a request packet periodically to the Primary host. If communication with the Primary host fails, the request will be sent to the Secondary host.
- Broadcast/Multicast—Listen for any broadcasts from an NTP/SNTP server and then synchronizes its internal clock to the message.
- Manycast/Anycast—Sends a request packet as a broadcast on the LAN to get a response from any NTP/SNTP server. The first response that is received is used to synchronize its internal clock and then operates in Unicast mode with that NTP/SNTP server.

Default: None

NTP/SNTP Version Version of NTP/SNTP.

Range: 1-4

Default: 4

Enable Sets NTP/SNTP server authentication on or off.

Authentication Default: Off

Key ID Specify the key id associated with this host. This key must exist in the ntp/sntp (symmetric key) file that was downloaded to the IOLAN.

Valid key ID's: 1-65534

(Note: the structure for the ntp/sntp (symmetric key) file can be found in your IOLAN User's Guide - Appendix L)

Primary Host The name of the primary NTP/SNTP server from the IOLAN host table. Valid with Unicast and Multicast modes, although in Multicast mode, the IOLAN will only accept broadcasts from the specified host NTP/SNTP server.

Secondary Host The name of the secondary NTP/SNTP server from the IOLAN host table. Valid with Unicast and Multicast modes, although in Multicast mode, the IOLAN will only accept broadcasts from the specified host NTP/SNTP server.

HTTP Tunnel Specify the HTTP tunnel to be used for this connection.

Time Zone/Summer Time Tab Field Descriptions

You can configure an automatic summer time (daylight savings time) time change.

Configure the following parameters:

Time Zone Name The name of the time zone to be displayed during standard time.

Field Format: Maximum 4 characters and minimum 3 characters (do not use angled brackets < >)

Time Zone Offset The offset from UTC for your local time zone.

Field Format: Hours hh (valid -12 to +14) and minutes mm (valid 0 to 59 minutes)

Summer Time Name The name of the configured summer time zone; this will be displayed during the summer time setting. If this parameter is not set, then the summertime feature will not work.

Field Format: Maximum 4 characters and minimum 3 characters (do not use angled brackets < >)

Summer Time The offset from standard time in minutes. Valid values are 0 to 180.

Range: 0-180

Default: 60

Summer Time You can configure the summer time to take effect:

• None—No summer time change.
- Fixed—The summer time change goes into effect at the specified time every year. For example, April 15 at 1:00 pm.
- Recurring—The summer time changes goes into effect every year at same relative time. For example, on the third week in April on a Tuesday at 1:00 pm.

Default: None

Fixed Start Date Sets the exact date and time in which the IOLAN's clock will change to summer time (daylight saving time) hours.

Fixed End Date Sets the exact date and time in which the IOLAN's clock will end summer time hours and change to standard time.

Recurring Start Date

Sets the relative date and time in which the IOLAN's clock will change to summer time (daylight saving time) hours. Sunday is considered the first day of the week.

Recurring End Date Sets the relative date and time in which the IOLAN's clock will end summer time hours and change to standard time. Sunday is considered the first day of the week.

Custom App/Plugin

Overview

You can create custom applications for the IOLAN by using the Perle SDK. See the SDK Programmer's Guide (the SDK and guide are accessible via a request form located on the Perle website at www.perle.com/supportfiles/SDK_Request.shtml) for information about the functions that are supported. You must download the program and any ancillary files to the IOLAN and set the Serial Port Profile to Custom App/Plugin to run a custom application. You must also specify the program executable in the Command Line parameter.

A custom application or plugin can be run on the serial port. In this situation, the application will start once the serial port is activated and operate solely on the context of that serial port and any network communications related to that serial port. You could run a different custom application on each serial port. The serial port custom application or plugin is configured by specifying the Custom App/Plugin profile for the serial port.

The system level custom application or plugin will begin execution immediately following the system startup. It runs on the context of the whole system and can access network communications as well as any or all serial ports.

Field Description

Configure the following parameter:

Command Line

The name of the application that has been already been downloaded to the IOLAN, plus any parameters you want to pass to the program. For example, using sample outraw program (this is sample program supplied with the SDK), you would type:

outraw -s 0 192.168.2.1:10001 Acct:10001

if you were starting the application on the Server (notice the -s 0 parameter specifies serial port 1 to this particular application).

Field Format: Maximum of 80 characters

Advanced

Overview

Review the configuration options in the Advanced page to determine if any of them apply to your implementation.

Advanced Tab Field Descriptions

Configure the following parameters:

Bootup Files Tab Field Descriptions

You must have a SFTP/TFTP server running on any host that you are uploading or downloading files to/from. When you specify the file path, the path must be relative to the default path set in your SFTP/TFTP server software.

Configure the following parameters:

Configuration File

The path and file name, relative to the default path of your TFTP server software, of the configuration file for the IOLAN that will be loaded when the IOLAN is rebooted.

Configuration, Use SFTP

Check this box if you wish to use SFTP (Secure File Transfer Protocol) instead of TFTP (Trivial File Transfer Protocol). The IOLAN will use the SFTP server information entered under the SFTP tab.

Message of the Day (MOTD) Tab Field Descriptions

The message of the day is displayed when users log into the IOLAN through a telnet or SSH session or through WebManager or EasyPort Web.

There are two ways to retrieve the message of the day to be displayed to users when they log into the IOLAN:

• The message of the day file is retrieved from a SFTP/TFTP server every time a user logs into the IOLAN. You must have a SFTP/TFTP server running on any host that you are uploading or downloading files to/from when using SFTP/TFTP. When you specify the file path, the path must be relative to the default path set in your SFTP/TFTP server software.
• The message of the day file is downloaded to the IOLAN and retrieved locally every time a user logs into the IOLAN. You can download an MOTD file to the IOLAN in the DeviceManager by selecting Tools, Advanced, Custom Files and then selecting the Download Other File option and browse to the MOTD file. In WebManager, select Administration, Custom Files and select the Other File option and browse to the MOTD file. After the MOTD is downloaded to the IOLAN, you must specify the MOTD file name in the Filename field to access it as the message of the day (no SFTP/FTP Host parameter is required when the file is internal).

Configure the following parameters:

TFTP Host The host that the IOLAN will be getting the Message of the Day file from.

Field Format: Resolvable host name, IPv4 address, IPv6 address

Filename

The path and file name, relative to the default path of your TFTP server software, of the file that contains a string that is displayed when a user connects to the IOLAN. The IOLAN will look for the file internally (it must already be downloaded), if only the file is specified (no TFPT host) or the file cannot be found on the specified TFPT host.

HTTP Tunnel Specify the HTTP tunnel to be used for this connection.

Use SFTP

Check this box if you wish to use SFTP (Secure File Transfer Protocol) instead of TFTP (Trivial File Transfer Protocol). The IOLAN will use the SFTP server information entered under the SFTP tab.

Display MOTD in WebManager/EasyPort Web

When enabled, displays the Message of the Day to users who are logging into WebManager or EasyPort Web.

Default: Disabled

TFTP Tab Field Descriptions

You must have a TFTP server running on any host that you are uploading or downloading files to/from.

TFTP file transfers send via UDP packets. When the packet delivery is interrupted for any reason and a timeout occurs, that packet is resent if the retry count allows it. Therefore, if a very large file is being transferred and is interrupted, the entire file is not resent, just the part of the file that was not received.

Configure the following parameters:

SFTP Tab Field Descriptions

You must have a SFTP server running on any host that you are uploading or downloading files to/from.

These are global SFTP settings. They are used whenever the user specifies "SFTP" as the protocol to be used for the file transfer.

Some combinations of cipher groups are not available on FIPS firmware versions.

SSH-1 protocol is not available on FIPS firmware versions.

Configure the following parameters:

Enable Compression Enables compression of all data. Compression of data is desirable on slow connections, however on faster networks, compression will degrade overall data transmission rates.

Default: Disabled

Auto Logon When checked, the IOLAN will automatically log into the SFTP server using the Name field. If Keyboard Interactive is checked the IOLAN will also send the configured Password field.

Default: Disabled

Name Enter the user name that will be used to automatically log into the SFTP server.

Password Enter the password that will be used to automatically log in the SFTP server.

Host Select the host entry from the IOLANs host table which corresponds to the SFTP server.

HTTP Tunnel Specify the HTTP tunnel to be used for this connection.

SSH 1 enable Enable to negotiation of the SSH1 protocol.

SSH1 Cipher Select the encryption cipher to be used if the SSH1 protocol is used. Valid options are "3DES" or "Blowfish".

SSH 2 enable Enable to negotiation of the SSH2 protocol.

SSH2 Cipher Select the encryption cipher(s) to be used if the SSH2 protocol is used. You can provide up to five values in order of preference. Valid options are "3DES", "Blowfish", "AES-CBC", "CAST", "AES-CTR", "AES-GCM", ChaCha20-Poly1305 and "Arcfour".

Authentication RSA Allow RSA to be used as the method of authenticating the IOLAN.

Authentication DSA Allow DSA to be used as the method of authenticating the IOLAN.

Authentication Keyboard Interactive

Allow "Keyboard Interactive" to be used as the method of authenticating the IOLAN.

Console Port Tab Field Descriptions

This tab is found on rack mount models and is used to configure the Admin/Console port.

Configure the following parameters:

Baud Rate Specifies the baud rate of the line connected to the dedicated console port.

Data Options: 9600, 19200, 38400, 57600, 115200

Default: 9600

Flow Control For IOLAN models that have a dedicated console port, defines how the data flow is handled.

Data Options:

• Soft—Data flow control is handled by the software.
• Hard—Data flow control is handled by the hardware.
• None—There is no data flow control.

Default: None

Control RPS, I/O Channels, IPsec, WLANs

Introduction

The Control section appears when the IOLAN is connected to a Remote Power Switch and/or an I/O model, an IPsec tunnel is configured or you have configured a WLAN interface.

RPS Control

Overview

When a Remote Power Switch's (RPS) console port is attached to the IOLAN's serial port and the serial port is configured for the Power Management profile, you will be able to control the RPS's power plugs either universally or individually (power on/off the whole RPS or individual plugs).

Field Descriptions

The following buttons are available:

On Button Turns all the RPS plugs on.

Off Button Turns all the RPS plugs off.

Cycle Button Turns all the RPS plugs off and then on.

Reset to Default State Button Resets all the RPS plugs to the default state as configured in the Power Management profile settings.

Plug Control Button Displays a window that allows you to manage the individual plugs on the RPS.

Plug Control

Overview

When you click the Plug Control button, you can power on/off individual plugs.

Field Descriptions

The "Power Status" field above can contain the following values;

• On - Power is currently being applied to the plug.
• Off - Power is currently not being applied to the plug.

The "Monitor Host Status" field above can contain the following values;

- Disabled - Feature is currently disabled.

• Discovering- Host has never responded to a PING. After a PING response is received once, the status will not return to “discovering until a reboot is performed or a “kill line” is issued on this port.
• Waiting reboot- Monitored host has not responded to all PING retries. It is now marked as needing a reboot and is executing the “delay before reboot” (if configured).
• Rebooting- The monitor host has determined that the host is not responding and has initiated a "power cycle" on the plug in order to re-boot the host.
  • Monitoring- The host is being monitored and is responding to PING requests.

The “# Reboots” field above can contain the number of times that this power plug has been cycled due to a failure to respond to the PINGs.

The "Last Reboot" field above can contain the date and time of the last reboot to take place due to a failure to respond to the PINGs.

The following buttons are available:

Power

Controls the power state of the plug as follows;

On Button - Turns the selected plug on.

Off Button - Turns the selected plug off.

Cycle Button - Turns the selected plug off and then on.

Monitor Host

If host monitoring has been enabled on this plug, these buttons control the state of the feature as follows;

On Button - Enables the host monitor function.

Off Button - Disables the host monitor function.

Reset Statistics Button - Resets the “# reboots” and “Last Reboot” fields

OK Button

Closes the window.

Serial Port Power Control

Overview

The Serial Port Power Control window allows you to manage the power plugs that have been associated with the serial devices connected to the IOLAN.

Field Descriptions

The following buttons are available:

On Button Turns the selected plug on.

Off Button Turns the selected plug off.

Cycle Button Turns the selected plug off and then on.

Power Plug Status Button Displays a window that provides the plug status for every plug associated with the serial port.

Power Plug Status

This Power Plug Status window displays the status of all the plugs associated with a serial port.

Click OK to close this window.

I/O Channels

Overview

When the DeviceManager is connected to an I/O model IOLAN, the I/O Status/Control option is available. You can view the I/O status and manually control such options as clearing alarms, clearing minimum/maximum values, resetting the channel(s), and activating/deactivating output.

The following buttons are available:

Reset Channel Button Resets the highlighted channel (click on a channel to highlight it).

Clear Alarm Button Clears the alarm. Note that if the condition that tripped the alarm still exists, the alarm will not look like it's cleared, but will reflect the appropriate alarm level severity. Alarm Level 0 means that the alarm has not been triggered.

Clear Latched Clears the latched value. Input Button

Clear Minimum Value Button Clears the minimum value.

Clear Maximum Clears the maximum value. Value Button

Activate Output Button Manually activates the channel output.

Deactivate Output Manually deactivates the channel output. Button

Reset All Channels Resets all the channels. Button

Refresh Button Resets the highlighted channel (click on a channel to highlight it).

IPsec Tunnel Control

You can start, stop, and restart all the IPsec tunnels. When you start the IPsec tunnels, the Boot Action configured for each IPsec tunnel is what determines its state.

The following buttons are available:

Start Button Starts all IPsec VPN tunnels.

Stop Button Stops all IPsec VPN tunnels.

Restart Button Stops and then starts all IPsec VPN tunnels.

WLAN Control

Scan

Overview

Scan

The IOLAN will scan the network for any broadcasting AP with the same SSID and security type.

Profile The configured Profile names (upto 8 profiles). Profiles will be matched to a broadcasting AP with the same SSID and security type. Matching Profiles will be displayed at the top of the list and when highlighted will have the Connect Button highlighted in order to connect. Profiles without a matching AP and disabled profiles will not be on this list.

Note: Open-WEP, Shared-WEP or 802.1x-WEP security will be matched as equivalent.

SSID The configured network name or the network name assigned to the IOLAN when in Soft-AP mode.

Signal Displays the wireless signal strength.

RSSI

A measurement of the power level of the received radio signal (in dBm) of the currently associated AP averaged over time. Values = < then 95 dBm have no signal strength. Values >= -35 are at 100 strength.

BSSID

Shows whether the IOLAN is connected to this BSSID (Access Point's MAC Address).

Channel Displays the channel number that the IOLAN is using to connect to the AP. Value: (1-11 channels use 2.4GHz) and (36, 40, 44, 48 channels use 5GHz).

Type The network type displayed will be Infrastructure or Ad Hoc. The IOLAN cannot connect to Ad Hoc networks.

Security Displays the security type used for this connection between the IOLAN and the AP.

Start WPS

Start WPS The IOLAN will scan (120 seconds) all networks to find the closest AP that is currently in WPS mode. The IOLAN will exchange credentials with that AP and then create an internal wireless profile (association) and will then exit WPS mode.

Restart

Restart All WLANs will be stopped and any new configured WLAN parameters will be applied before the WLANs are restarted.

System Administration

Introduction

This chapter addresses the functions that the admin user or a user with Admin Level privileges might do. This chapter uses the DeviceManager as the configuration method described in most administrative functions. As a general rule, administrative functions are accessed from the menu bar in the DeviceManager and under the Administration option in the WebManager's navigation tree.

Managing Configuration Files

Saving Configuration Files

When you connect to the IOLAN using either DeviceManager or WebManager, the IOLAN's active configuration file is loaded into the configurator. To save a backup of the configuration file locally, do the following:

• In DeviceManager:

1. From the menu bar, select File, Save As.

2. In the Save As dialog box, specify a name and format for the file. Notice that you can save the file as either a .dme or a .txt file. Either file format can be imported into the DeviceManager and downloaded to the IOLAN in the future. The .dme is a binary file and the .txt file is a text file that can be viewed in any text editor.

3. Click Save.

- In WebManager:

1. In the navigation tree, select the Administration option.

2. In the configuration area, click the Backup/Restore button.

3. Select the tab corresponding to the transfer method you wish to use. The options are;

• Web - Uses HTTP to transfer the data
TFTP - Uses Trivial File Transfer Protocol to transfer the data
- SFTP - Uses Secure File Transfer Protocol to transfer the data.

Note: For both TFTP or SFTP, you must have a host on your network which will act as the TFTP or SFTP server. HTTP does not require any other host.

1. In the Backup group box, select the format (Binary or Text) in which you want to save the file. Either file format can be imported into the DeviceManager and downloaded to the IOLAN in the future.

2. Click the Backup Configuration button.

Downloading Configuration Files

You can download a configuration file to the IOLAN by doing the following:

- In DeviceManager:

1. Connect to the IOLAN to retrieve the current configuration file.
2. Open the configuration file you want to download to the IOLAN by selecting File, Import Configuration from a File and then browsing to the configuration file. This will replace the retrieved configuration file.
3. Select Tools, Download Configuration to IOLAN or click the Download All Changes button.
4. Reboot the IOLAN.

- In WebManager:

1. In the navigation tree, select the Administration option.
2. In the configuration area, click the Backup/Restore button.
3. Select the tab corresponding to the transfer method you wish to use. The options are;
4. Web - Uses HTTP to transfer the data
   TFTP - Uses Trivial File Transfer Protocol to transfer the data
5. SFTP - Uses Secure File Transfer Protocol to transfer the data.

Note: For both TFTP or SFTP, you must have a host on your network which will act as the TFTP or SFTP server. HTTP does not require any other host.

1. In the Restore group box, browse to the configuration file that you want to download to the IOLAN.

2. Click the Restore Configuration button.

3. Reboot the IOLAN.

Downloading Configuration Files to Multiple IOLANs

You can download a configuration file to multiple IOLANs at the same time by doing the following in DeviceManager (DeviceManager is the only configurator that does this function):

1. Select Tools, Download Configuration to Multiple IOLANs.

2. Specify the IOLANs that you want to download the configuration to:

Enter the following information for each IOLAN that you want to configure with the same configuration file:

1. Click Add to add the IOLAN to the download list. You can also click on the IOLAN entry and edit any information and then click Update to make the edits permanent.

2. Click the Download> button to start the download process. A status window will display with the configuration download status.

Uploading Configuration Files

When you upload a configuration to the DeviceManager, you are uploading the IOLAN's working configuration file. In most other configurators (the exception being SNMP), you are always seeing the working configuration file.

In DeviceManager, select Tools, Upload Configuration from IOLAN. The working configuration file will automatically be loaded into the DeviceManager.

Specifying a Custom Factory Default Configuration

When you receive the IOLAN, it comes with a factory default configuration that the IOLAN can be reset to at any time. Administrators might find it useful to customize the factory default configuration file, so that if the IOLAN gets reset to its factory defaults, it will be reset to defaults that the Administrator specified.

There are two ways you can set the custom factory default configuration:

- Download a file to the IOLAN—You can download a custom factory default file to the IOLAN using any of the configuration methods. In DeviceManager, you must connect to the IOLAN and then select Tools, Advanced, Custom Files, Custom Factory Default Configuration and then specify the file. In WebManager, you must connect to the IOLAN and then select Administration, Reset, Factory Defaults, Set Current Configuration as Factory Default.

- Download the current configuration to the IOLAN—You can specify the configuration that you are working with/on as the custom factory default configuration using any of the configuration methods (you must be connected to the IOLAN). In DeviceManager, select Tools, Advanced, Set Factory Default to IOLAN. In WebManager, select Administration, Reset, Factory Defaults, Get and Set Factory Default Configuration File.

Resetting the IOLAN to the Default Configuration

The RESET button is available on all IOLAN models (except medical unit models). The button allows you to reset the IOLAN to its Perle or custom factory default configuration. The Power/Ready LED color and the resetting of the IOLAN default configuration vary depending on how long you press and hold the RESET button, as shown in the table below.

Downloading IOLAN Firmware

To upgrade the IOLAN firmware (software):

- In DeviceManager, select Tools, Advanced, Download Firmware to IOLAN. You can browse to the firmware location. Once the firmware download is complete, you will be prompted to reboot the IOLAN. You can choose to reboot the IOLAN at another time by selecting Tools, Reset, Reboot IOLAN.

- In WebManager, under the Administration option, select Update Firmware. Either browse to the firmware file and then click the Upload button or configure the TFTP or SFTP server and click the Upload button. Note: If you use the TFTP or SFTP option, the specified TFTP or SFTP server must be on the same subnet as the IOLAN.

Upgrading the firmware does not affect the IOLAN's configuration file or downloaded custom files.

Calibrating I/O

All I/O channels are factory calibrated and should not need recalibration during initial use. However should calibration be required, you can recalibrate in DeviceManager or WebManager. In DeviceManager, you calibrate the I/O channel(s) by selecting Tools, I/O Channels, Calibrate. In WebManager, you calibrate the I/O channel(s) by selecting I/O Channels, Calibrate.

Calibrating Analog Input

To calibrate an Analog input channel, read the section that applies to the type of input you are calibrating. Note that calibration will be done for the active channel configuration; for example, if Channel A1 is set to voltage, you cannot calibrate it for current. The voltage range configured for this channel will also dictate what is being calibrated. For example, if this channel is configured for a range of +/-10V, calibrating this channel will calibrate all channels which are configured for +/-10V. During the calibration process, you will be asked to apply the minimum and maximum configured range value to the channel; for example, to calibrate for voltage +/- 10V, you will be prompted to first apply -10V and then +10V to the channel.

Also, you cannot actively calibrate disabled channels (although, for Voltage, if you enable the channel and then set it for a range that has already been calibrated for another channel, it will also be calibrated).

Calibrating Voltage

When calibrating the IOLAN Analog input for voltage, you will need a calibration meter that is better than .1% volts precision. When you calibrate one channel, all voltage channels are automatically calibrated for that range; if another channel is set for a different range, you will need to calibrate that channel separately, but all channels that use that range are also automatically calibrated.

Calibrating Current

When calibrating the IOLAN Analog input for current, you will need a calibration meter that is better than .1% current precision. Each channel needs to be calibrated individually.

Calibrating Temperature Input

To calibrate an Analog (Temperature) input channel, read the section that applies to the type of input you are calibrating. Note that calibration will be done for the active channel configuration; for example, if Channel A1 is set to thermocouple, you cannot calibrate it for RTD. During the calibration process, you will be asked to apply the minimum and maximum range value to the channel in either mV or Ohms; for example, to calibrate for thermocouple J 0 to 760C, you will be prompted to first apply -80mV and then +80mV to the channel.

Also, you cannot actively calibrate disabled channels (although if you enable the channel and then set it for the type of thermocouple or RTD that has already been calibrated on another channel, it will also be calibrated).

Calibrating Thermocouple

When calibrating the IOLAN Analog input for thermocouple, you will need a calibration meter that is better than .15% accuracy. When you calibrate one channel, all thermocouple channels are automatically calibrated for that range; if another channel is set for a different range, you will need to calibrate that channel separately, but all channels that use that range are automatically calibrated.

Calibrating RTD

When calibrating the IOLAN Analog input for RTD, you will need a resistor that is better than .05% Ohms accuracy. When you calibrate one channel, all RTD channels are automatically calibrated for that range; if another channel is set for a different range, you will need to calibrate that channel separately, but all channels that use that range are automatically calibrated.

Calibrating Analog Channels

Analog Input can be calibrated for Analog and Temperature IOLAN models.

Select the channel you want to calibrate. This example uses an A4 model that has channel A1 set to Current with a Range of 0 to 20mA.

If you have not disabled confirmation messages (Tools, Options in DeviceManager only), you will get prompted to verify channel calibration.

Click Yes to proceed with calibration. You are now prompted to apply 0 mA to the positive (+) and negative (-) terminals. Once that is done, click Yes to proceed.

You are now prompted to apply 20 mA to the positive (+) and negative (-) terminals. Once that is done, click Yes to proceed.

Once calibration is successfully completed, click OK to finish the process.

Resetting Calibration Data

You can reset the I/O channels calibrations to the factory calibrations in DeviceManager by selecting Tools, I/O Channels, Reset Calibrate Data or in WebManager by selecting Administration, Reset, I/O Calibration.

Setting the IOLAN's Date and Time

When you set the IOLAN's time, the connection method and time zone settings can affect the actual internal clock time that is being set. For example, if you are connecting to the IOLAN through the DeviceManager and your PC's time zone is set to Pacific Standard Time (GMT -8:00) and the IOLAN's time zone is set to Eastern Standard Time (GMT -5:00), the IOLAN's time is actually three hours ahead of your PC's time. Therefore, if you set the IOLAN's time to 2:30 pm in the DeviceManager, the IOLAN's actual internal clock time is 5:30 pm. This is the only configuration method that interprets the time and converts it between time zones, as necessary.

All other configuration methods set the IOLAN's internal clock time to the time specified, with no interpretation.

To set the IOLAN's system clock in DeviceManager, select Tools, Advanced, Set Unit Time/Date and in WebManager select Administration, Date/Time. The Set Date/Time window is displayed.

Configure the following parameters:

Rebooting the IOLAN

When you download any file (configuration, keys, certificates, firmware, etc.) to the IOLAN, you must reboot the IOLAN for it to take effect by selecting Tools, Reset, Reboot Server in DeviceManager and Administration, Reboot Unit in WebManager.

Resetting Serial Port Statistics

You can reset the IOLAN's serial port/s statistics back to zero.

Resetting the IOLAN to Factory Defaults

You can reset the IOLAN to its factory default configuration by selecting Tools, Reset, Reset to Factory Default in DeviceManager and Administration, Reset, Factory Defaults in WebManager.

The IOLAN will automatically reboot itself with the Perle factory default or custom factory default configuration.

Resetting the SecurlD Node Secret

If you are using SecurID external authentication, you can select Tools, Reset, Reset SecurID Node Secret in DeviceManager and Administration, Reset, SecurID Secret in WebManager to reset the node secret. You do not need to reboot the IOLAN for this to take effect, it works instantly.

Language Support

Two language files, in addition to English, are supplied on the supplemental CD, French and German. You can use any of these language files to create a translation into a language of your choice. You can download the language file (whether the language is supplied or translated) into the IOLAN and select the Language option of Custom Language or Customlang (custom language), making the Menu and CLI field labels display in the desired language.

You can view Menu or CLI in one other language only (as well as English). If you download another language file, this new language will replace the first language you downloaded.

You can revert to English at any time; the English language is stored permanently in the IOLAN and is not overwritten by your new language. Each user logged into the IOLAN can operate in either English or the downloaded language.

Loading a Supplied Language

This section describes how to download a language file using the CLI, since it is the least intuitive method. French and German language files are provided on the supplemental CD.

To load one of the supplied languages into the IOLAN, so the Menu or CLI fields appear in another language, do the following:

1. Open the supplemental CD and identify the language file, either Iolan_ds_French.txt or Iolan_ds_German.txt, or supply one of your own translated files.

2. Copy the language file to a host machine on the network; place it in the main file system or on the main hard drive.

3. Either use the TFTP/SFTP defaults in the IOLAN or, configure as necessary, TFTP/SFTP in the IOLAN.

4. In the CLI of the IOLAN, enter the host IP address and file name; for example, netload customlang 172.16.4.1 /temp/Iolan_ds_French.txt snetload customlang 172.16.4.1 /temp/Iolan_ds_French.txt

The IOLAN will download the language file via TFTP or SFTP.

In DeviceManager select Tools, Advanced, Custom Files and then select Download Custom Language File and browse to the language file. In WebManager select Administration, Custom Files and then specify the Custom Language File option and browse to the language file.

1. To set an individual user to the new language, go to the Users menu and, in the Language field select Customlang. In the CLI (only) you can set individual users or all users to the new language; see the set user * command.

2. The user will see the change of language when he/she logs out (Main Menu, Sessions Menu, Logout) and logs back into the IOLAN. If, as Admin user, you change your language setting to Customlang, you will see the text menus display in the new language when you save and exit the Change User form. Users with Level Normal can also change their display language.

If you download a new software version, you can continue to use your language unchanged; however, we recommend translating the new strings, which will be added to the end of the language file. A Reset to Factory Defaults will reload the Customlang as English.

On successful download, the Customlang in the IOLAN will be overwritten by the new language.

Translation Guidance

To help you with your translation, of supplied ASCII text language files we offer the following guidance:

• The IOLAN will support languages other than English (and the supplied German and French languages). The English language file, english.txt, displays the character length of each line at the beginning of the line. If a translated line goes over that character length, it will be displayed truncated in the Menu or CLI.
• Translate line for line, do not omit lines if you do not know the translation; leave the original untranslated text in place. Also, you must maintain the same sequential order of lines. It is a good practice to translate the file using a text editor that displays line numbers, so you can periodically verify that the line sequence has not changed from the original file (by comparing it to the original file).
• Keep all translations in quotes, otherwise the line will not display properly.
  • Each line must end with a carriage return.
• If a line contains only numbers, for example 38400, leave that line in place, unchanged (unless you are using a different alphabet).

Software Upgrades and Language Files

If you receive a software upgrade for the IOLAN, the language files supplied on the supplemental diskette/CD might also have been updated. We will endeavour to provide a list of those changes in another text file on the same supplemental CD.

Note: The upgrade of your software (firmware) will not change the display of the language in the Menu or CLI.

If you are already using one of the supplied languages, French or German, you probably want to update the language file in the IOLAN. Until you update the IOLAN with the new language file, new text strings will appear in English.

If you are already using a language translated from an earlier version, you probably want to amend your translation. When a language file is updated, we will try to maintain the following convention:

1. New text strings will be added to the bottom of the file (not inserted into the body of the existing file).
2. Existing text strings, if altered, will be altered in sequence; that is, in their current position in the file.
3. The existing sequence of lines will be unchanged.
4. Until you have the changes translated, new text strings will appear in the Menu or CLI in English.

Downloading Terminal Definitions

All terminal types can be used on the IOLAN. Some terminal types which are not already defined in the IOLAN, however, are unable to use Full Screen mode (menus) and may not be able to page through sessions properly. When installed, the IOLAN has several defined terminal types—Dumb, WYSE60, VT100, ANSI, TV1925, IBM3151, VT320-7, and HP700/44.

If you are not using, or cannot emulate, any of these terminal types, you can add up to three additional terminal definitions to the IOLAN. The terminal definitions can be downloaded from a TCP/IP host.

To download terminal definitions, follow these steps:

1. Decide which TCP/IP host you are going to use. It must be a machine with enabled.
2. Configure SFTP/TFTP in the IOLAN as necessary.
3. Select Tools, Advanced, Custom Files from the menu bar in DeviceManager and Administration, Custom Files in WebManager.
4. From the File Type drop-down, select Download Terminal Definition. Select the terminal definition option 1, 2, or 3 and then browse to the terminal definition file that is being downloaded to the IOLAN.
5. In the Terminal profile, select the Terminal Type Termx that you custom defined.

Creating Terminal Definition Files

To create new terminal definition files, you need to copy and edit the information from the termininfo database.

1. On a UNIX host, change directory to /usr/lib/terminfo/x (where x is the first letter of the required terminal type). For a Wyse60, for example, you would enter the command cd /usr/lib/terminfo/w.
2. The termcap files are compiled, so use the command infocmp termfile to read the required file (for example: infocmp wy60).
3. Check the file for the attribute xmc#n (where n is greater than or equal to 1). This attribute will corrupt menu and form displays making the terminal type unsuitable for using Menu mode.
4. If the terminal definition is suitable, change to a directory of your choice.
5. Rename and copy the file to the directory specified at step 4. using the command infocmp termfile > termn where n is greater than or equal to 1; (for example, infocmp wy50 > term1). Make sure the file has global read and execute permission for its entire path.
6. Edit the file to include the following capabilities in this format:

term=
acsc=
bold=
civis=
clear=
cnorm=
cup=
rev=
rmacs=
rmso=
smacs=
smso=
page=
circ= 

For example:

term=AT386 | at386| 386AT |386at |at/386 console
acsc=jYk?1Zm@qDtCu4x3
bold=\E[1m
civis=
clear=\E[2J\E[H
cnorm=
cup=\E[%i%p1%02d;%p2%02dH
rev=\E4A
rmacs=\E[10m
rmso=\E[m
smacs=\E[12m
smso=\E[7m
page=
circ=n 

As you can see from the example, capabilities which are not defined in the termininfo file must still be included (albeit with no value). Each entry has an 80 character limit.

On some versions of UNIX, some of the capabilities are appended with a millisecond delay (of the form ). These are ignored by the IOLAN and can be left out.

The ‘acsc’ capability, if defined, contains a list of character pairs. These pairs map the characters used by the terminal for graphics characters to those of the standard (VT100) character set.

Include only the following character pairs:

jx, kx, lx, mx, qx, tx, ux and xx

(where x must be substituted by the character used by the terminal). These are the box-drawing characters used to display the forms and menus of Menu mode. They must be entered in this order.

The last two capabilities will not be found in the termininfo file. In the page field you must enter the escape sequence used by the terminal to change screens. The circ field defines whether the terminal can use previous page and next page control sequences. It must be set to y or n. These capabilities can be found in the documentation supplied with the terminal.

Resetting Configuration Parameters

You can reset the IOLAN to its factory default settings (this will reset it to the Perle factory default or custom factory default settings, depending on what has been configured) through any of the following methods:

• You can push in the recessed button at the back of the IOLAN hardware for three to ten seconds (pushing it in and then quickly releasing will just reboot the IOLAN)
  ● DeviceManager, select Tools, Reset, Reset to Factory Defaults
• CLI, at the command line type, reset factory
  WebManager, select Administration, Reset, Factory Default, and then click the Reset to Factory Defaults button
• Menu, select Network Configuration, Reset to Factory Defaults
  SNMP, in the adminInfo folder, Set the adminFunction variable to 2

Lost admin Password

If the admin user password is lost, there are only two possible ways to recover it:

- reset the IOLAN to the factory defaults

- have another user that has Admin level rights, if one is already configured, reset the admin password

Applications

Introduction

This chapter provides examples of how to integrate the IOLAN within different network environments or applications. Each scenario provides an example of a typical setup and describes the configuration steps to achieve the IOLAN functionality feature.

Configuring Modbus

This sections provides a brief overview of the steps required to configure the IOLAN for your Modbus environment. You can read the Modbus Gateway Settings and Modbus Serial Port Settings sections for more specific information about the Modbus settings.

Overview

This section describes the high-level steps required to configure the IOLAN as a Modbus Master or Slave Gateway.

Configuring a Master Gateway

To configure a Master Gateway (Modbus Master connected to the serial side of the IOLAN), do the following:

1. Set the serial port that is connected to the serial Modbus Master to the Modbus Gateway profile.
2. In the Modbus Gateway profile on the General tab, set the Mode to Modbus Master.
3. Still on the General tab, click the Destination Slave IP Mappings button to map the Modbus Slave's IP addresses and their UIDs that the serial Modbus Master will attempt to communicate with.
4. For specialized configuration options, select the Advanced tab and configure as required.

Configuring a Slave Gateway

To configure a Slave Gateway (Modbus Master resides on the TCP/Ethernet network), do the following:

1. Set the serial port that is connected to the serial Modbus Slave(s) to the Modbus Gateway profile.
2. In the Modbus Gateway profile on the General tab, set the Mode to Modbus Slave.
3. Still on the General tab, specify the Modbus Slave UIDs that the TCP Modbus Master will attempt to communicate with.
4. Still on the General tab, click the Advanced Slave Settings button to configure global Slave Gateway settings.
5. For specialized configuration options, select the Advanced tab and configure as required.

Modbus Gateway Settings

The scenarios in this section are used to illustrate how the IOLAN's Modbus Gateway settings are incorporated into a Modbus device environment. Depending on how your Modbus Master or Slave devices are distributed, the IOLAN can act as both a Slave and Master Gateway(s) on a multiport IOLAN or as either a Slave or Master Gateway on a single port IOLAN.

Modbus Master Gateway

The IOLAN acts as a Master Gateway when the Modbus Master is connected to a serial port on the IOLAN. Each Modbus Master can communicate to UIDs 1-247.

Modbus Slave

graph LR
    A["Modbus Slave"] -->|TCP| B["Network"]
    C["Modbus Master"] --> D["Modbus Slave"]
    B --> E["Master Gateway"]
    D --> F["Modbus Master"]
    E --> G["IOLAN"]
    F --> H["EIA-422/485"]
    G --> I["Serial EIA-232"]
    H --> I
    I --> J["Modbus Master"]

Modbus Slave Gateway

The IOLAN acts as a Slave Gateway when the Modbus Master resides on the TCP/Ethernet network and the Modbus Slaves are connected to the serial ports on the IOLAN. Note: The IOLAN provides a single gateway to the network-attached Modbus Masters. This means that all Modbus Slaves attached to the IOLAN's serial ports must have a unique UID. Multiple Masters on the network can communicate with these Modbus Slaves. Note: If a transaction is in progress to a Modbus Slave, other requests to that same device will be queued until that transaction is complete.

Modbus Master

graph LR
    A["Modbus Master"] -->|TCP| B["Network"]
    C["Modbus Master"] -->|TCP| B
    B --> D["Slave Gateway IOLAN"]
    D --> E["Serial EIA-232"]
    E --> F["Modbus Slave"]
    E --> G["Modbus Slave"]
    E --> H["Modbus Slave"]
    D --> I["EIA-422/485"]

Modbus Serial Port Settings

Modbus Master Settings

When the Modbus Masters is attached to the IOLAN's serial port, configure that serial port to the Modbus Gateway profile acting as a Modbus Master. You must configure the Modbus TCP Slaves on the TCP/Ethernet side so the IOLAN can properly route messages, using the Modbus Slave's UIDs, to the appropriate TCP-attached devices.

Modbus Slave

IP: 10.10.10.12

UID: 23

graph LR
    A["Modbus Slave<br>IP: 10.10.10.11<br>UID: 22"] -->|TCP| B["Network"]
    C["Modbus Master"] -->|Serial Port 1| D["IOLAN<br>IP: 10.10.10.10"]
    D -->|EIA-422/485| E["Modbus Master"]
    D -->|Serial| F["EIA-232"]
    B --> G["Master Gateway"]

To configure the Modbus Master on serial port 1, do the following:

1. Select the Modbus Gateway profile for serial port 1.

2. On the General tab, enable the Modbus Master parameter.

3. Click the Destination Slave IP Mappings button and click the Add button in the Destination Slave IP Mappings window.

4. Configure the Destination Slave IP Mappings window as follows: