Digi One® and PortServer® TS Family Command Ref Datasheet by Digi

View All Related Products | Download PDF Datasheet
DIGI.’
Command Reference
Digi One and PortServer TS Family
This manual applies to:
Digi One Family products
PortServer TS Family products:
PortServer TS Family (RS-232 only) Products:
PortServer TS 1/2/4 Family Products
PortServer TS 8/16 Family Products
PortServer TS MEI Products
Digi Remote Power Manager (Digi RPM)
Digi One and PortServer TS Family Command Reference 2
Revision history—90001535
Trademarks and copyright
Digi, Digi International, and the Digi logo are trademarks or registered trademarks in the United States and other
countries worldwide. All other trademarks mentioned in this document are the property of their respective
owners.
© 2020 Digi International. All rights reserved.
Disclaimers
Information in this document is subject to change without notice and does not represent a commitment on the
part of Digi International. Digi provides this document “as is,” without warranty of any kind, expressed or implied,
including, but not limited to, the implied warranties of fitness or merchantability for a particular purpose. Digi
may make improvements and/or changes in this manual or in the product(s) and/or the program(s) described in
this manual at any time.
Warranty
To view product warranties online, visit www.digi.com/howtobuy/terms.
Send comments
Documentation feedback: To provide feedback on this document, send your comments to
techcomm@digi.com.
Customer support
Digi Technical Support: Digi offers multiple technical support plans and service packages to help our customers
get the most out of their Digi product. For information on Technical Support plans and pricing, please contact us
at +1 952.912.3456 or visit www.digi.com/support.
Support portal login: www.digi.com/support/eservice.
Revision Date Description
R January 2014 Added information on the port logging feature and improved
screen captures.
S February 2014 Clarified information about product model support of port
sharing feature. Added European compliance information in
certifications section.
T December 2016 Updated the cover page and removed references to the DF1 half
duplex protocol.
U January 2020 Updated to document initial default passwords.
V October 2020 Command changes.
Contents 3
Chapter 1 Command Line Configuration Tasks
Quick Reference for Configuring Features............................................7
Access the Command Line..................................................................12
Commands for Managing Connections and Sessions.........................13
Users and User Permissions ...............................................................14
Configure RealPort..............................................................................15
Configure an IP Address .....................................................................16
Configure Serial Port Settings .............................................................17
Configure Port Logging........................................................................27
Configure Network Settings.................................................................28
Configure Security Features................................................................35
Configure Power Over Serial Ports .....................................................43
Configure User Attributes ....................................................................44
Configure Embedded Modem..............................................................46
Configuration Management .................................................................47
Chapter 2 Command Descriptions
Basic Command Information ...............................................................50
Commands for Managing Connections and Sessions.........................53
admin...................................................................................................54
boot......................................................................................................55
close ....................................................................................................58
connect................................................................................................60
cpconf ..................................................................................................62
display .................................................................................................63
display buffers .....................................................................................65
exit.......................................................................................................66
help......................................................................................................67
info.......................................................................................................68
kill ........................................................................................................70
mode....................................................................................................71
newpass ..............................................................................................73
ping......................................................................................................74
power...................................................................................................76
C o n t e n t s
4 Contents
quit.......................................................................................................79
reconnect.............................................................................................80
remove.................................................................................................81
revert ...................................................................................................83
rlogin....................................................................................................87
send.....................................................................................................89
set altip ................................................................................................91
set arp..................................................................................................93
set auth................................................................................................94
set buffer..............................................................................................98
set chat................................................................................................99
set config ...........................................................................................101
set consmenu ....................................................................................107
set device ..........................................................................................109
set dhcp.............................................................................................111
set embmodem..................................................................................113
set ethernet........................................................................................114
set filter..............................................................................................116
set flow ..............................................................................................121
set forwarding....................................................................................125
set host..............................................................................................129
set ia..................................................................................................130
set ippool ...........................................................................................152
set keys .............................................................................................153
set line ...............................................................................................155
set logins ...........................................................................................158
set logport..........................................................................................161
set mei...............................................................................................164
set menu............................................................................................165
set modem.........................................................................................168
set netlogins ......................................................................................170
set netport..........................................................................................173
set pmodem.......................................................................................174
set ports.............................................................................................175
set powerunit .....................................................................................181
set profiles .........................................................................................184
set radius...........................................................................................187
set rloginoption ..................................................................................190
set route.............................................................................................191
set rpauth...........................................................................................193
set script ............................................................................................194
set secureaccess...............................................................................200
Contents 5
set service .........................................................................................202
set sharing.........................................................................................204
set snmp............................................................................................208
set snmpauth.....................................................................................211
set sntp..............................................................................................213
set socketid........................................................................................215
set switches.......................................................................................217
set tcpip .............................................................................................221
set telnetip .........................................................................................224
set terms............................................................................................226
set time..............................................................................................228
set timezone ......................................................................................229
set trace.............................................................................................231
set udpdest........................................................................................232
set udpserial ......................................................................................234
set user..............................................................................................237
set web ..............................................................................................250
show ..................................................................................................251
status ................................................................................................. 254
telnet..................................................................................................255
traceroute ..........................................................................................257
uptime................................................................................................258
wan....................................................................................................259
who....................................................................................................261
Chapter 3 Modem Emulation Commands
What Is Modem Emulation? ..............................................................263
Modem Emulation Cable Signals ......................................................263
Modes of Operation...........................................................................263
Common User Scenarios for Modem Emulation ...............................264
Connection Scenarios for Modem Emulation ....................................266
About the Commands in this Chapter................................................267
Accepted But Ignored AT Commands...............................................267
Modem Emulation AT Command Set ................................................268
S-Register Definitions........................................................................271
Result Codes .....................................................................................273
Index.......................................................................................................275
6 Contents
Quick Reference for Configuring Features
Chapter 1 Command Line Configuration Tasks 7
This chapter introduces the command-line interface and shows how to
perform common device configuration tasks from the command line.
Quick Reference for Configuring Features
The following table shows common features that can be configured, the
Digi devices in which the features are supported, the commands used to
configure each feature, and where to find more information in this chapter.
Chapter 1 C o m m a n d L i n e C o n f i g u r a t i o n T a s k s
Feature/Task Digi Devices supported
in Commands, discussion, examples
Autoconnection All "Configure Autoconnection" on page 24
"set ports" on page 176
"set user" on page 238
Configuration management:
Backup/Restore
configuration
All "cpconf" on page 62
Upgrade firmware All "Upgrade Firmware" on page 48
Copy configuration to and
from a remote host
All "Copy the Configuration to and from a
Remote Host (Backup/Restore)" on
page 48
"cpconf" on page 62
Reset configuration to
defaults
All "Reset the Configuration to Defaults" on
page 48
"revert" on page 83
or:
"boot" on page 55
(boot action=factory)
Domain Name Server (DNS) All "Configure Domain Name System
(DNS)" on page 33
"set config" on page 100
"set host" on page 128
Embedded Modem PortServer TS M MEI Family "Configure Embedded Modem" on page
47
"set embmodem" on page 112
"set ports" on page 176; dev option,
where dev=min, mout, or mio
dditional informatio al Automation, 9 www.cl g ggm
Quick Reference for Configuring Features
8Chapter 1 Command Line Configuration Tasks
Industrial Automation (IA):
Protocol conversion
between Modbus, Allen-
Bradley, and ASCII device
Digi One IAP "Configure Industrial Automation (IA)" on
page 23
"set ia" on page 129
For additional information on configuring
Industrial Automation, go to the Digi
website, www.digi.com and search on
Industrial Automation or IA
Allen-Bradley Ethernet-to-
Serial Bridging
Digi One IAP
Omron Hostlink Multi-
Master
Digi One IAP
Modbus Ethernet-to-Serial
Bridging
Digi One IA
Digi One IAP
PortServer TS Family
Custom (user-defined)
Multi-Master Protocol
Digi One IAP
PortServer TS Family
IP routing All "Configure IP Routing" on page 29
"set route" on page 192
"set forwarding" on page 124
"set user" on page 238
MEI PortServer TS 8/16 ME
Family
"set mei" on page 165
"set switches" on page 218
Modem emulation Digi One SP
Digi One IA
PortServer TS Family
"Configure Modem Emulation" on page
23
"set pmodem" on page 175
"set ports" on page 176; dev=pm option
AT commands: See "Modem Emulation
Commands" on page 263
Point-to-Point Protocol (PPP)
connections
PortServer TS Family "Configure PPP Connections" on page
18
"set ports" on page 176
"set flow" on page 120
"set user" on page 238
"set filter" on page 115
"set route" on page 192
"set forwarding" on page 124
"set device" on page 108
"set ippool" on page 152
Port buffering PortServer TS Family "display buffers" on page 65
"set buffer" on page 97
Port logging Digi One IAP
PortServer TS Family
"Configure Port Logging" on page 28
"set logport" on page 161
Port profiles All devices that support the
default Web user interface
"set profiles" on page 185
Feature/Task Digi Devices supported
in Commands, discussion, examples
Quick Reference for Configuring Features
Chapter 1 Command Line Configuration Tasks 9
Port sharing
This is an advanced serial-port
setting that allows more than
one client to open a serial port
through RealPort, reverse
Telnet, reverse SSH, or
connect.
All PortServer TS Family
products.
All Digi One products except
Digi One IAP.
The console menu feature
and the Console
Management port profile are
available on PortServer TS
Family devices only.
When used with RealPort,
the port sharing feature is
formally tested with the
Windows RealPort driver
only, and not with Unix/Linux
driver versions.
"Configure Port Sharing" on page 25
Configure port-sharing options:
"set sharing" on page 205
Display port-sharing options:
"set sharing" on page 205“or "show" on
page 252 (show sharing option).
Use the set profile profile=consmenu
command to enable the console menu
feature, which in turn allows for port
sharing.
Set up the console menu options, for
displaying current users, disconnecting
other sessions, displaying entries in the
port buffer, or accessing the command
line: "set consmenu" on page 106.
Power Features:
Power through Integrated
Remote Power
Management (RPM)
PortServer TS Family "power" on page 76
"set powerunit" on page 182
Power Over Ethernet (POE) Digi One IAP
PortServer TS P MEI Family
This is a hardware feature. There are no
configurable software settings for this
feature.
Power Over Ports/Power
Over Serial
PortServer TS P MEI Family This is a hardware feature. Enabling it
involves changing a jumper inside the
device. See "Configure Power Over Serial
Ports" on page 44.
Display status of circuit breaker:
“display circuitbreaker” (See "display"
on page 63) or “set config print”
Reset circuitbreaker:
“set config
circuitbreaker=reset”
(See "set config" on page 100)
RealPort All See also the RealPort Setup Guides for
details on configuring this feature.
To configure RealPort authentication
options, see "set rpauth" on page 194.
Remote login (rlogin) All "rlogin" on page 87
"set rloginoption" on page 191
Revert configuration settings All "revert" on page 83
Feature/Task Digi Devices supported
in Commands, discussion, examples
Quick Reference for Configuring Features
10 Chapter 1 Command Line Configuration Tasks
Security, users, and access control features:
Control user access to
configuration settings
All "Control Access to the Configuration" on
page 36
"set user" on page 238
Control user access to
inbound and outbound ports
All "Control Access to Inbound Ports" on
page 37
"Control Access to Outbound Ports" on
page 38
"set ports" on page 176; dev option
"set logins" on page 158
"set user" on page 238
Control user access to the
command line
All "Control User Access to the Command
Line" on page 38
Through autoconnect by port: "set ports"
on page 176
Through autoconnect by user: "set user"
on page 238
Through menus: "set menu" on page
166
Restrict access to outbound
ports
All "Restrict Access to Outbound Ports" on
page 38
"set auth" on page 94
Use CHAP authentication
for PPP users
All "Use CHAP Authentication for PPP
Users" on page 38
"set user" on page 238
Use RADIUS to
authenticate users
PortServer TS Family "Use RADIUS to Authenticate Users" on
page 39
"set radius" on page 188
"set filter" on page 115
Issue user passwords All "Issue User Passwords" on page 41
To enable/disable password for a user:
"set user" on page 238
To issue new password to user:
"newpass" on page 73
"Configure User Attributes" on page 45
Feature/Task Digi Devices supported
in Commands, discussion, examples
Quick Reference for Configuring Features
Chapter 1 Command Line Configuration Tasks 11
Security, users, and access control features (continued):
Configure SSH Version 2 for
secure communication
Digi One IAP
PortServer TS Family
"Configure SSH Version 2 Encryption for
Secure Communication" on page 42
Configure password protection:
"set user" on page 238; name and
password options, and "newpass" on
page 73
Use a public key: "set user" on page
238; name, loadkey, and public_key
options
Make reverse SSH connections to ports:
ssh base_port+ 500 + port_number
Configure a custom menu to
be displayed to a user
PortServer TS Family "Configure User Attributes" on page 45
"set user" on page 238;
defaultaccess=menu
Automatically connect a
user
All "Configure User Attributes" on page 45
"set user" on page 238;
autoconnect=on
Delete a user definition
(Remove a user from the
user table)
All "Configure User Attributes" on page 45
"remove" on page 81
Note that the root user cannot be
deleted.
Set common user features
(user attributes)
All "Configure User Attributes" on page 45
"set user" on page 238; name option
Use a RADIUS server to set
user attributes
PortServer TS Family "Configure User Attributes" on page 45
"set radius" on page 188
"set filter" on page 115
Simple Network Management
Protocol (SNMP)
All "Configure SNMP" on page 34
"set snmp" on page 209
"set snmpauth" on page 212
TCP Socket Communication All "set tcpip" on page 222
Time-related features,
including Simple Network Time
Protocol (SNTP) client
configuration
PortServer TS 8/16 Family
PortServer TS 8/16 MEI
Family
"set sntp" on page 214
"set time" on page 229
"set timezone" on page 230
UDP Multicast Communication All "set udpdest" on page 233
"set udpserial" on page 235
Web interface All devices that support the
default Web user interface
"set netport" on page 174
"set web" on page 251
Feature/Task Digi Devices supported
in Commands, discussion, examples
Access the Command Line
12 Chapter 1 Command Line Configuration Tasks
Access the Command Line
To configure devices using commands, you must first access the command
line, either from a locally connected terminal or a Telnet session, and then
log on as root from the command line.
From a Locally-Connected Terminal
To access the command line and the configuration from a terminal
connected to one of the device server’s serial ports, follow these steps.
1. Connect a terminal or PC to a serial port on the device server. For a
Windows HyperTerminal connection, use the cable that came in the
package.
2. Configure the options of the terminal or terminal emulation software to
work with the Digi serial port. The default port settings are:
VT 100 emulation
9600 baud
8-bit character
1 stop bit
No parity
3. Log in as the root user.
Note: The default user name is root. The default password is printed on
the device label. If a password is not on the label, the default password
is dbps. If neither default password works, the password may have
been updated. Check with your system administrator.
From a Telnet Session
Use this procedure to access the command line and the configuration from
a Telnet session. This procedure assumes that you have configure the Digi
device with an IP address already. See "Configure an IP Address" on page
17.
1. To Telnet to the device server, enter the following command from a
command prompt on another networked device, such as a server:
#> telnet ip address
where ip address is the device server’s IP address. For example:
#> telnet 192.3.23.5
2. Log in as the root user.
Note: The default user name is root. The default password is printed on
the device label. If a password is not on the label, the default password
is dbps. If neither default password works, the password may have
been updated. Check with your system administrator.
Access the Command Line
Chapter 1 Command Line Configuration Tasks 13
If You Cannot Access the Command Line
If you cannot access the command line, your user access permissions may
be set to disable access to the command line. See "Control User Access to
the Command Line" on page 38.
Commands for Managing Connections and Sessions
14 Chapter 1 Command Line Configuration Tasks
Commands for Managing Connections and Sessions
These commands are used to manage connections and sessions:
close: Closes active sessions that were opened by connect, rlogin,
and telnet commands.
connect: Makes a connection, or establishes a connection, with a serial
port.
exit and quit: These commands terminate a currently active session.
who and kill: The who command displays a global list of connections.
The list of connections includes those associated with a serial port or
the command-line interface. who is particularly useful in conjunction
with the kill command, which terminates active connections. Use who to
determine any connections that are no longer needed, and end the
connections by issuing a kill command.
mode: Changes or displays the operating options for a current Telnet
session.
ping: Tests whether a host or other device is active and reachable.
reconnect: Reestablishes a previously established connection; that is,
a connection opened by a connect, rlogin, or telnet command; the
default operation is to reconnect to the last active session.
rlogin: Performs a login to a remote system.
send: Sends a Telnet control command, such as break, abort output,
are you there, escape, or interrupt process, to the last active Telnet
session.
status: Displays a list of sessions, or outgoing connections made by
connect, rlogin, or telnet commands for a device. Typically, the status
command is used to determine which of the current sessions to close.
telnet: Makes an outgoing Telnet connection, also known as a session.
Users and User Permissions
Chapter 1 Command Line Configuration Tasks 15
Users and User Permissions
Digi One and PortServer TS products have two types of users, with
different user permissions that influence the commands that the users can
issue.
The “root” User
A root user exists in all products. This root user has permissions to
execute all commands, except admin, which is used to give a normal user
temporary administrative privileges. The root user can configure settings
as well as display current settings. This root user definition cannot be
changed or deleted.
“Normal” Users
You can define additional users for your Digi products using the set user
command, known as “normal” or “customer-defined” users. These users
have limited user permissions for executing commands that cannot be
altered.
“Required Permissions” Statements in Command Descriptions
Each command description has a Required permissions statement that
defines which users can use the command, and how they can use it. For
example:
Root privileges are required to use this command means that only
the root user can issue the command.
Anyone can use this command means that root and normal users
can issue the command.
For set commands that configure features, the root user can issue
commands to configure the features, but normal users can display
current settings for the feature only.
Increasing Security for Digi Device Users
As needed, you can enforce additional security for device users by either of
these methods:
Custom menus: You can create a custom menu displayed to device
users at login that offers a limited subset of commands. The set menu
command is used to create custom menus. See "set menu" on page
166.
Using the autoconnect feature, where after login the user is
automatically connected to another system without accessing the Digi
device’s command line and password requirements. You can configure
autoconnection by port or by user. See "Configure Autoconnection" on
page 24.
Configure RealPort
16 Chapter 1 Command Line Configuration Tasks
Configure RealPort
RealPort is a feature that allows network-based host systems to use the
ports of the device server as though they were the host system’s own ports,
appearing and behaving as local ports to the network-based host.
The set rpauth command sets authentication options for RealPort.
RealPort has a challenge-authentication protocol that, if enabled, allows
only hosts that authenticate to use ports on the Digi device. This
authentication protocol is supported for both encrypted and unencrypted
versions of RealPort.
In order to use RealPort authentication, it must be enabled in both the
driver and the Digi device.
For further configuration details, see "set rpauth" on page 194 and the Digi
One and PortServer TS Family User Guide’s chapter on setting up
RealPort.
Configure an IP Address
Chapter 1 Command Line Configuration Tasks 17
Configure an IP Address
To configure an IP address, mask, and default gateway for the device
server’s Ethernet interface, use the set config command.
1. To ensure that the IP address you configure is permanent, turn DHCP
off by entering:
#> set config dhcp=off
2. Configure an IP address for the Ethernet interface by entering:
#> set config ip=ip address
where ip address is the IP address for the Ethernet interface. For
example:
#> set config ip=191.143.2.154
3. Configure a subnet mask by entering:
#> set config submask=mask
where mask is the subnet mask for this subnetwork. For example:
#> set config submask=255.255.255.0
4. To configure a default gateway, enter:
#> set config gateway=ip address
where ip address is the IP address of the default gateway. For example:
#> set config gateway=191.143.2.46
5. Reboot the Digi device at the prompt by entering:
#> boot action=reset
For more information, see "set config" on page 100 and "boot" on page 55.
Example
The two set config commands configure the Ethernet interface. The boot
command reboots the Digi device, which is required for the address
change to take effect.
#> set config ip=192.150.150.10 submask=255.255.255.0 dhcp=off
#> set config gateway=192.150.150.11
#> boot action=reset
Configure Serial Port Settings
18 Chapter 1 Command Line Configuration Tasks
Configure Serial Port Settings
Configuring serial port settings involves setting the following options for a
port:
Point-to-Point (PPP) connections
Industrial automation (IA)
Modem emulation
TCP socket communication
UDP Multicast communication
• Autoconnection
Port sharing
Configure PPP Connections
Configuring Point-to-Point Protocol (PPP) connections includes:
Configuring inbound PPP connections
Configuring outbound PPP connections
Using filters on the PPP connections, as needed
Configure Inbound PPP Connections
To configure simple inbound PPP connections from the command line,
follow the steps below. Regarding inbound PPP connections:
For information on fine-tuning PPP connections, see "set user" on page
238.
CHAP authentication works between two Digi devices. CHAP will be
negotiated to PAP for all other connections
1. To configure the port for a modem, enter:
#> set ports range=range dev=device
where range is the port or ports and device is min for inbound-only
modem connections, or mio for bidirectional modem connections.
For example:
#> set ports range=3 device=min
2. To configure flow control for the ports, enter:
#> set flow range=range flow control scheme
where range is the port or ports and flow control scheme is the flow
control required for this connection.
There are several options for establishing a flow-control scheme on
set flow. Typically, for modem connections, RTS and CTS are on. The
following example shows a typical flow-control scheme for a modem:
#> set flow range=3 ixon=off ixoff=off rts=on cts=on
Configure Serial Port Settings
Chapter 1 Command Line Configuration Tasks 19
3. To configure the baud rate for this connection, enter:
#> set line range=range baud=bps
where range is the port or ports to configure and bps is the line speed
in bits-per-second. Typically, you can set this to 115000 bps for modem
connections. For example:
#> set line range=3 baud=115000
4. To create an inbound PPP user, enter:
#> set user name=name protocol=ppp netservice=on
defaultaccess=netservice
where name is a name to assign to the PPP user. For example:
#> set user name=pppin protocol=ppp netservice=on defaultaccess=netservice
5. To configure an IP address for the remote PPP user, enter:
#> set user name=name ipaddr=ip address
where name is the user’s name, and ip address is one of the following:
A standard IP address in dotted decimal format.
0.0.0.0, which means the remote user will supply the IP address.
The keyword ippool, which means the user will be assigned an IP
address from an IP address pool. See "set ippool" on page 152.
For example:
#> set user name=pppin ipaddr=ippool
6. If you used the IP address pool option in the previous step, specify the
following subnetwork mask (a mask of 255.255.255.255 is required) by
entering:
#> set user ipmask=255.255.255.255
7. To configure an IP address for the local end of the PPP connection,
enter:
#> set user name=name localipaddr=ip address
where name is the user’s name and ip address is the IP address to
assign to the local end of the PPP connection. This address must be
unique. That is, no other user can be assigned this address and it
cannot be the IP address for the Ethernet interface. For example:
#> set user name=pppin localipadr=199.1.1.2
Example
This example shows a very simple PPP inbound configuration where:
The port is set up for inbound connections (dev=min).
RTS and CTS are used for flow control.
The baud rate has been set to 115000 bps.
The user has been configured to use an IP address pool.
#> set ports range=3 device=min
#> set flow range=3 ixon=off ixoff=off rts=on cts=on
#> set line range=3 baud=115000
#> set user name=pppin protocol=ppp netservice=on defaultaccess=netservice
#> set user name=pppin ipaddr=ippool
Configure Serial Port Settings
20 Chapter 1 Command Line Configuration Tasks
#> set user name=pppin localipadr=199.1.1.2
See Also
For more information, see these command descriptions:
"set ports" on page 176
"set flow" on page 120
"set line" on page 155
"set user" on page 238
Configure Outbound PPP Connections with Filters
To configure outbound-only PPP connections with filters, or the outbound
portion of bidirectional connections with filters, follow the steps below.
Regarding outbound PPP connections:
If you do not require filters for your outbound PPP connection, you may
use this procedure, but omit step 1. If there is no filter, when the dialout
connection is turned on, the device will automatically dial out.
For dialout outbound connections to a non-Digi device, select a PPP
authentication type of none, using the set user option pppauth=none.
CHAP authentication works between two Digi devices.
If you change a filter type after an initial configuration, existing PPP
sessions must be terminated and reestablished For the new filter
settings to take effect.
1. To set the filter for the outbound connection, enter:
#> set filter name=”filter names1=dst/ip address/subnetmask
See "set filter" on page 115 for more details on filters.
2. To set the flow control to hardware, enter:
#> set flow range=1 ixon=off ixoff=off rts=on cts=on
Note: PortServer TS 1/3+Modem flow control default is Hardware.
3. To configure the user for the outbound PPP connection, enter:
#> set user name=”<username>” protocol=ppp
4. To set up the user for the PPP environment, including such items as the
local IP address, the devices, and telephone number, enter:
#> set user name=”<username>” ipaddr=negotiated ipmask=255.255.255.255
For a description of the options for specifying the IP address, see
"ipaddr=ip addr" on page 244 of the set user command description.
#> set user name=”username” defaultaccess=netservice autoport=513
password=on
#> set user name=”username” outgoing=on autoservice=default
#> set user name=”username” bringup=”filter name
#> set user name=”username” device=”gendialer”
5. To assign the dialscript to which the port the modem is connected,
enter:
#> set device name=”gendialer” baud=no dialer=genmdm chat=no port=1
Configure Serial Port Settings
Chapter 1 Command Line Configuration Tasks 21
For more information on the configuring the port, see "set device" on
page 108.
6. To set up routing for the PPP connection, enter:
#> set forwarding state=active splithorizon=off poisonreverse=off
#> set route net=ip address mask=subnetmask metric=1 wanname=”username
The value of the wanname option must match the value of the
username option in step 2.
7. To enable the new WAN interface, enter:
#> set user name=”username” dialout=on
Example
The following example shows a simple outbound PPP configuration with
filters and the following properties:
The port is set up for outbound connections.
Flow control is set to Hardware (for the PortServer TS 1/3+Modem, the
default is Hardware).
Default device and scripts are used.
#> set filter name=”filter names1=dst/ip address/subnetmask
#> set flow range=1 ixon=off ixoff=off rts=on cts=on
#> set user name=”username” protocol=ppp
#> set user name=”username” ipaddr=negotiated ipmask=255.255.255.255
#> set user name=”username” defaultaccess=netservice autoport=513
password=on
#> set user name=”username” outgoing=on autoservice=default
#> set user name=”username” bringup=”<filter name>”
#> set user name=”username” device=”gendialer”
#> set device name=”gendialer” baud=no dialer=genmdm chat=no port=1
#> set forwarding state=active splithorizon=off poisonreverse=off
#> set route net=ip address mask=subnetmask metric=1 wanname=”username
#> set user name=”username” dialout=on
“set user" passpackel Causes a packet to be Filter causes incoming packets from keepup Causes the idlelimeoul Filter that causes the connection to bringup Causes the Digi device 10 Filter that causes an outgoing logpacket Causes the Digi device to Filter that notifies the log anytime an
Configure Serial Port Settings
22 Chapter 1 Command Line Configuration Tasks
Filters for PPP Connections
Filters are used to manage and control Point-to-Point Protocol (PPP)
connections. You can design a filter to do any of the following:
Bring up a connection.
Allow certain types of packets to use the connection and keep certain
types of packets from using it.
Keep up a connection.
Send a message to the log file when a specified event occurs on the
connection.
For example, you might develop a filter that brings up a connection on an
outbound port only when device server handles a packet carrying a
particular destination IP address.
The set user command has options that define how a filter functions, that
is, whether it is the type of filter that accepts or blocks packets, brings up a
connection, keeps up a connection, or sends a message to the log file. The
following table describes each of the set user options related to filtering.
When Changes to Filter Definition Settings Take Effect
The set filter command can be used at any time to change and display
filters. However, the results of any changes to filter definition settings take
effect on subsequent PPP connections only. Any PPP connections
established prior to a given filter change will continue to operate using the
previous filter definition settings. For the new filter settings to take effect,
existing PPP sessions must be terminated and reestablished.
More Information on Filters
For more information about using filters, see "set filter" on page 115, and
"set user" on page 238.
“set user
Option Description Example
passpacket Causes a packet to be
passed or blocked.
Filter causes incoming packets from
an IP address to be accepted and
packets from all other IP addresses
to be blocked.
keepup Causes the idletimeout
timer to be reset and a
connection maintained.
Filter that causes the connection to
be maintained as long as there is
any packet traffic except RIP
packets.
bringup Causes the Digi device to
establish a connection.
Filter that causes an outgoing
connection to be initiated whenever
a packet specifying a particular IP
address is handled.
logpacket Causes the Digi device to
send a message to the
log file.
Filter that notifies the log anytime an
ICMP packet is handled.
https://www.diqi.com/supporUproductdetail/documentation
Configure Serial Port Settings
Chapter 1 Command Line Configuration Tasks 23
Configure Industrial Automation (IA)
To configure how devices in an industrial automation (IA) environment
communicate, use the set ia command.
See "set ia" on page 129 for command syntax, option descriptions, and
examples. The syntax for “set ia” varies according to the IA device being
configured: serial port-connected devices, network-based masters,
network-based slaves, and destination tables for forwarding messages.
The set ia command description shows these syntax variations, the effects
of the command options for each variation, and examples of configuring
several IA devices.
Protocols for IA Devices
IA devices can use various communication protocols, including Modbus
variations (Modbus/RTU, Modbus/ASCII, and Modbus/TCP), AB/DF1 Full-
Duplex, Hostlink, AB/Ethernet (CSP), Ethernet/IP, and a Custom (or “user-
defined”) protocol.
Recommendations on Configuring Industrial Automation
Due to the flexibility involved, manual configuration of IA scenarios by
command line is recommended for advanced users only. New users are
encouraged to use the Industrial Automation Wizard under the Applications
section of the Web Browser interface.
Where to Find More Information on Industrial Automation
Besides the set ia command description, additional information on
configuring Industrial Automation is available in the Application Notes at
the following URL:
https://www.digi.com/support/productdetail/documentation
Configure Modem Emulation
Modem emulation enables a system administrator to configure a
networked Digi device server to act as a modem.
See "Modem Emulation Commands" on page 263 for more information on
modem emulation.
Configure TCP Socket Communication
Transmission Control Protocol (TCP) socket communication enables serial
devices to communicate with each other over an Ethernet network as
though they were connected by a serial cable.
To configure TCP socket communications, use the sockets option on the
set config command. See "set config" on page 100.
Configure UDP Multicast Communications
User Datagram Protocol (UDP) multicast is used to send serial data over
an Ethernet cable to one or many hosts at the same time.
To configure UDP multicast communications, use the set udpdest
command. See "set udpdest" on page 233.
Configure Serial Port Settings
24 Chapter 1 Command Line Configuration Tasks
Configure Autoconnection
The autoconnection feature allows you to configure a user to access the
device server and then be automatically connected to a host on the LAN.
You can implement autoconnection in the following ways:
By port, where all port users are automatically connected to the same
host. The device server is completely transparent to them.
By user, where a user is required to log on and may be required to
supply a password. Once the user is authenticated, an automatic
connection to a host is made.
To configure autoconnection, either by port or by user, use the following
commands:
set ports, specifying the options auto, autoservice, dest, dev, and
dport. See "set ports" on page 176.
set user, specifying the options name, autoconnect, autohost,
autoport, and defaultaccess. See "set user" on page 238.
Examples
Configure an autoconnect port
In this example, set ports configures the port so that all incoming users are
automatically connected via Telnet to the host specified on the dest option.
The port is also available for outgoing connections.
set ports range=1 auto=on dest=199.125.123.10 dev=mio dport=23
Configure an autoconnect user
In this example, set user configures the user user4 to be automatically
connected via Telnet to a host at address 199.193.150.10.
#> set user name=user4 autoconnect=on autohost=199.193.150.10 autoport=23
defaultaccess=autoconnect
Configure Serial Port Settings
Chapter 1 Command Line Configuration Tasks 25
Configure Port Sharing
A Digi device enabled for port sharing allows more than one client to open
a port through RealPort, reverse Telnet, reverse SSH, or connect. All
clients that share a port will read the same data from the serial port; the
data is duplicated and sent to each client. All clients that share a port will
have the data they write merged and sent out the serial port. The serial port
options, such as baud rate and flow control, can either be shared by all
clients or be controlled exclusively from the Digi device alone. If there is
only one client, then RealPort, reverse Telnet, reverse SSH, and connect
will work normally.
Digi Products Supporting Port Sharing
Port sharing is supported in the following products:
All PortServer TS Family products.
All Digi One products except Digi One IAP.
The console menu feature and the Console Management port profile are
available on PortServer TS Family devices only.
When used with RealPort, port sharing feature is formally tested with the
Windows RealPort driver only, and not with Unix/Linux driver versions.
Device Types that Allow Port Sharing
Port sharing is only available for device types rp, prn, and mout, as
specified by the set ports dev=device option. Configuring port sharing
Configuring port sharing involves specifying how many clients are allowed
to share the port, whether control should be shared by all clients or
controlled exclusively by the Digi device, and the flow control timeout.
These options can be configured independently for each port. The
command for configuring port sharing is set sharing (see "set sharing" on
page 205).
Configuring a Console Menu for Use with Port Sharing
The Console Menu feature of the Digi PortServer TS allows you to see who
is already connected to a port, disconnect other sessions, display the last
entries of the port-buffer or branch out to the command line of the unit. The
console menu is configured using the set consmenu command. See
"set consmenu" on page 106.
Displaying Port-Sharing Settings
Port-sharing settings are displayed by either of the following commands:
set sharing - display variation (see "set sharing" on page 205)
show - display variation (see "display" on page 63)
The port-sharing settings are displayed in four columns: current clients,
max clients, control, and timeout.
The current clients column shows how many clients are currently sharing
the port. The max clients, control, and timeout columns show the value
set with the clients, control, and timeout options.
Configure Serial Port Settings
26 Chapter 1 Command Line Configuration Tasks
When Changes to Port-Sharing Settings Take Effect
Some changes will not take effect until all clients have closed a port. If this
is the case, the set sharing command will print a warning message saying:
“Warning: Some port sharing parameter changes will not take effect until
all clients have closed the port.”
Some changes take effect immediately, for example, changing the control,
changing the timeout value, or increasing the maximum number of clients if
the clients option is already larger than 1 (so that port sharing is already
on).
About Flow Control on Shared Ports
All open shared ports share the same underlying input data buffers, so they
must remain roughly in sync in the input data stream. For example, if one
client stops reading data, the other clients sharing that same physical port
can only read one buffer full of data ahead before they must wait for the
first client to catch up.
To overcome this limitation that all clients must remain roughly in sync
when reading data, a user-configurable timeout can be set by the
set sharing timeout option. If one client is waiting for the other clients to
read, it only has to wait until the timeout expires and then it will be allowed
to continue reading. The other clients, that is, ones that are not reading
data, will lose data from the time the timeout expires until they begin
reading again. This timeout will not be set by default.
Considerations and Cautions for Port Sharing
There are several caveats when using port sharing:
When clients send data to the ports, their data will be intermixed; that is,
there is no synchronization of the data. If two clients send data at the
same time, the data from one client might appear in the middle of the
other client's data.
If one client stops reading data, the input will be flow-controlled for all
clients. Clients will only be able to read data at the rate of the slowest
client. (There is a timeout to override this, as described above.)
Incoming opens, persistent opens, and immediate opens may not
behave as expected when multiple clients are opening the port at the
same time.
The modem control lines are not dropped until all clients have closed
the port.
When multiple clients share control of the serial port options, such as
baud rate, data size, parity, flow control, etc., the last options set will
take effect. The serial port options could be changed unexpectedly by
another client. This could leave the RealPort driver confused about the
correct serial port settings. Different RealPort drivers might react
differently to these unexpected changes in serial port settings.
Configure Serial Port Settings
Chapter 1 Command Line Configuration Tasks 27
When multiple clients share control of the serial port options, and a new
client opens a port, that new client might momentarily set the options to
default values before the application can set the options correctly. This
might momentarily disrupt communication with the other clients.
Depending on the operating system used by the client, it is possible to
set the default serial port options to match the options required by the
application. Then, there will be no disruption.
When multiple clients share control of the serial-port options, some
serial-port options, such as case conversion, carriage return, newline
mapping, etc., might be handled on the client system. Therefore, these
options would apply to the client that set these options only.
When the Digi device exclusively controls the serial port settings, any
attempt to change the serial port settings from a client will be silently
ignored. The client will believe the settings have been changed, when in
fact they have not. The only way to change the serial port settings is
through the command line on the Digi device or through the web UI.
With reverse Telnet, reverse SSH, and connect, it is possible for a
single client machine to open a single shared port multiple times by
using multiple telnet or ssh sessions.
However, with RealPort, it is not possible for a single client machine to
open the same RealPort multiple times and use port sharing. Windows
simply prevents one machine from opening a RealPort more than once.
Unix does allow a single machine to open a RealPort more than once,
but the sharing is happening on that Unix machine, not on the Digi
device.
Unix sharing does merge data written to the port and shares control of
the port. However, it does not duplicate the incoming data to all
programs that have opened the same RealPort. Instead, the incoming
data is arbitrarily divided among the programs.
It is possible for one machine to use port sharing with RealPort, but only
by configuring the RealPort driver multiple times for the same Digi
device.
Windows RealPort explicitly forces DTR and RTS to drop when it closes
a port. This could prevent other clients sharing that port from sending or
receiving data, depending on the configuration. If this is a problem, set
the shared port for exclusive control. Unix RealPort does not have this
problem.
Examples
The example "Display and Change Port-Sharing Settings" on page 207
shows how to use the show sharing and set sharing commands to
display current port-sharing settings, configure port-sharing settings, and
display the changed settings.
Configure Port Logging
28 Chapter 1 Command Line Configuration Tasks
Configure Port Logging
The port logging feature passively logs data going into or out of a serial
port. This means that you can be using a standard reverse or RealPort
session on a port, and all the data from that session can be sent to a
configurable server.
To configure port logging, use set logport command. See "set logport" on
page 161.
To revert the port-logging settings to defaults or to the latest configuration
stored in NVRAM, use the revert logport command. See "revert" on page
83.
Configure Network Settings
Chapter 1 Command Line Configuration Tasks 29
Configure Network Settings
Configuring network settings involves setting network parameters,
configuring IP routing, setting up a Domain Name Server (DNS). and
setting up Simple Network Management Protocol (SNMP).
Configure Network Parameters
The set config command configures network parameter, and includes
several options for optimizing your network for better Ethernet/IP
performance. See "set config" on page 100.
The set ethernet command sets Ethernet options. See "set ethernet" on
page 113.
Configure IP Routing
Configuring IP routing involves these tasks:
Configure static routes using the “set route” command (see "set route"
on page 192).
Configure dynamic routes using the set forwarding command (see
"set forwarding" on page 124).
Configure Proxy ARP using the set forwarding command.
Configure Static Routes
To configure a static route over a PPP link, enter:
set route net=addr mask=mask metric=hops wanname=interface
gateway=gateway
where:
net is either the IP address of a system to be reached over this route or
the network address of the subnet that is to be reached on this route.
mask is the mask to use for interpreting the IP address.
metric is the number of hops to the destination.
wanname is the interface to use for this route.
For routes over a PPP link, use the name of a PPP user that was
defined in a previously issued set user command, for example ppp1 or
link1. (See "set user" on page 238 for information on and options for
defining PPP users.)
For routes over the Ethernet interface, use ether.
gateway is the IP address of the device that is the next hop to the
destination. If there is no next hop destination, set the gateway to the
device IP address.
For more information on static routes, see "set route" on page 192.
Configure Network Settings
30 Chapter 1 Command Line Configuration Tasks
Example: Route Using the Ethernet Interface
In this example, a route to a subnet is created over the Ethernet interface.
Key features include the following:
The address on the net option is a subnetwork address, not the IP
address of a specific device.
The wanname=ether option, indicating that this route is over the
Ethernet interface.
The metric option indicates that packets to this subnet will pass through
two routers.
The gateway option indicates that all packets using this route are to be
forwarded to the device at IP address 191.21.21.2.
#> set route net=199.21.33.0 mask=255.255.255.0 metric=2 wannname=ether
gateway=199.21.21.2
Example: Route Using a PPP Link
In this example, a route to a subnet is created over a PPP interface. Key
features include the following:
The address on the net option is IP address of a specific device, not a
subnetwork address.
The wanname option is the name of a PPP use, indicating that this
route is over a PPP interface.
The metric option indicates that packets to this subnet will pass through
two routers.
The gateway option indicates that all packets using this route are to be
forwarded to the device at IP address 191.21.21.2.
#> set route net=199.21.33.44 mask=255.255.255.255 metric=2 wannname=ppp1
gateway=199.21.21.2
Configure Network Settings
Chapter 1 Command Line Configuration Tasks 31
Configure Dynamic Routes Using RIP
To configure the device server for dynamic routing using the Routing
Information Protocol (RIP), use the set forwarding command. See
"set forwarding" on page 124.
You should be signed on as root and have configured or will configure
modems, modem scripts, devices, and filters for routes that use serial
lines.
1. Configure the links over which routed packets and RIP updates will be
sent.
To enable routing over the LAN to which device server is attached,
no routing-specific configuration is required.
To enable routing over PPP links, be sure to use the “netrouting”
option on the set user command to configure how device server
handles RIP updates. You can configure the link so that device
server does any of the following with RIP updates:
- Both sends and receives them (netrouting=both)
- Sends them only (netrouting=send)
- Receives them only (netrouting=receive)
- Neither sends nor receives them (netrouting=off)
2. Configure the device server for dynamic routing with a set forwarding
command that specifies state=active.
This example shows only those commands and command options
pertinent to routing. The device server is configured for dynamic routing
using RIP. But to prevent RIP updates from being sent across the PPP link,
the set user command that defines the link specifies netrouting=off.
The commands to configure this setup are:
#> set forwarding state=active poisonreverse=on splithorizon=on
#> set user name=link1...netrouting=off
Digi Device
Router
192.150.75.0
187.100.46.9
PPP
Wgfl
Configure Network Settings
32 Chapter 1 Command Line Configuration Tasks
Configure Proxy ARP
To configure the device server for Proxy ARP, use the set forwarding
command. See "set forwarding" on page 124.
This procedure assumes that you have signed on as root and have
configured or will configure modems, modem scripts, devices, and filters
for routes that use serial lines.
1. Configure the links over which packets will be routed using a set user
command. This command must specify (on the ipaddr option) a spe-
cific IP address for the remote system using the Proxy ARP service.
2. Configure the device server for Proxy ARP by supplying a
set forwarding command that specifies the following options:
state=passive
• proxyarp=on
For example, the device server provides Proxy ARP services to a remote
host.
The commands to configure this setup are:
#> set user name=link1...ipaddr=187.155.24.11
#> set forwarding state=passive proxyarp=on
Digi Device
187.155.24.0
PPP
187.155.24.11
Configure Network Settings
Chapter 1 Command Line Configuration Tasks 33
Configure Domain Name System (DNS)
The domain name system (DNS) maps domain names to information
associated with these names, such as IP addresses. Configuring the DNS
involves the following tasks:
Configure a DNS server
Configure the host table
DNS components include:
A distributed database consisting of domain names and associated
information.
A hierarchical system of domain name servers that maintain the
database and use it to respond to requests for information about a
particular domain name, such as its IP address.
Domain name resolvers that accept requests from users, satisfy
information requests by building and submitting properly formulated
queries to one or more name servers or by retrieving information from a
local host file, return information to users, and cache information for
future use.
There are two types of name servers in the domain name system. Local
servers maintain information for resources within a local zone. It is up to
individual network administrators to determine the scope of a local zone.
Root servers maintain information in higher-level domains than do local
servers.
Typically, when a user requires information about a domain name, the
resolver queries a local server. If local servers cannot provide the
information, root servers are queried next.
Each node in the domain name system has a globally unique domain name
that consists of its own name, which is called a label, and the labels of all
superior nodes.
Following is an example of a domain name. mn07 is part of the higher-level
domain called amalgamated.com. Note that labels are separated by
periods:
#> mn07.amalgamated.com
Configure a DNS Server
To configure a DNS server, enter:
#> set config domain=domain myname=name dns=ip address
where:
domain is the domain in which the device server will reside
name is a DNS name for device server
ip address is the IP address of a name server
For example:
#> set config domain=digi.com myname=poe dns=204.221.1.4
For more information, see "set config" on page 100.
Configure Network Settings
34 Chapter 1 Command Line Configuration Tasks
Configure the Host Table
To configure the host table, which maps IP addresses to host names, enter:
#> set host name=name ip=ip address
where:
name is the name the host
ip address is the IP address of the host
For example, the following commands configure three IP address-to-name
mappings:
#> set host name=poe ip=204.221.110.200
#> set host name=gary ip=204.221.110.202
#> set host name=toni ip=204.221.110.203
For more information, see "set host" on page 128.
Configure SNMP
Simple Network Management Protocol (SNMP) is the network
management protocol that governs the exchange between nodes and
stations.
The TCP/IP network management architecture contains the following
components:
Managed nodes, such as host systems, routers, terminal and
communications servers (such as device server) and other network
devices.
One or more network managers (also called network management
stations), which are the points from which the network is managed.
Agents that reside on managed nodes and retrieve management
information and communicate this information to network managers.
The network management protocol, SNMP, which governs the
exchange of information between the nodes and stations.
Management information, which is the database of information about
managed objects. This database is called the management information
base (MIB).
Each managed node contains at least one agent—a component that
responds to requests from the network manager—that retrieves network
management information from its node and notifies the manager when
significant events occur.
A mechanism defined by SNMP is called a trap, which is a report or alarm”
from a managed node to an SNMP manager that a significant event has
occurred.
Configure Network Settings
Chapter 1 Command Line Configuration Tasks 35
The SNMP management agent supports the following MIBs:
Read-write for MIB II (RFC 1213), which is an Internet-standard MIB,
consisting of managed objects from the systems, interfaces, IP, ICMP,
TCP, UDP, transmission, and SNMP group
Read-write for the character-stream devices using SMIv2 MIB (RFC
1658)
Read-write for the RS-232-like hardware devices MIB (RFC 1659)
Read-write for the device server IP Network Control Protocol of the
Point-to-Point Protocol MIB (RFC 1473)
The SNMP agent supports the Set, Get, GetNext, and Trap messages as
defined in RFC 1157. These messages are used as follows:
Set, which means “set the value of a specific object from one of the
supported MIBs.”
Get, which means “retrieve the value of a specific object form one of the
supported MIBs.”
GetNext, which means “retrieve the value of the next object in the MIB.”
Trap, which means “send traps to the manager when a particular type
of significant event occurs.”
The SNMP agent can generate and send traps to a destination IP address
when any of the following occur:
Authentication failures
Login attempts
Cold starts (when the Digi device initializes)
Link up (when a network link comes up)
For Digi devices connected to a Digi RPM power controller, when the
Digi RPM exceeds the current and temperature thresholds.
“set snmp”Command
To configure SNMP, use the set snmp command. For more information,
see "set snmp" on page 209.
For example, the following set snmp command configures SNMP with all
trap options:
#> set snmp run=on trap_dest=190.175.178.73 auth_trap=on
cold_start_trap=on link_up_trap=on curr_thresh_exc_trap=on
temp_thresh_exc_trap=on
Configure Security Features
36 Chapter 1 Command Line Configuration Tasks
Configure Security Features
From the command line, you can configure several security-related
features to do the following:
Control access to the configuration.
Control access to inbound ports.
Control access to outbound ports.
Restrict access to outbound ports.
Use CHAP authentication for PPP users.
Control user access to the command line.
Use RADIUS to authenticate users.
Issue user passwords.
Configure SSH Version 2 for secure communication.
Control Access to the Configuration
User access to Digi device configuration settings can be controlled by
either of the following methods:
Through user attributes configured by various set user command
options.
Through network settings configured by the set user network option.
Controlling access of the device server restricts access to the configuration
by defining the following types of users:
The root user, who has unlimited access to device server commands.
This root user can view any configuration table and change any
configuration option. The root is identified by the user name root and
must supply a password to be authenticated. The default username is
root and the default password is printed on the device label. If a
password is not on the label, the default password is dbps. If neither
default password works, the password may have been updated. Check
with your system administrator..
Regular users, who have much more restricted access to device server
commands. Regular users can view some configuration tables and can
change some configuration options related to their own sessions and
passwords. For information on the limitations placed on regular users
for each command see "set user" on page 238.
Configure Security Features
Chapter 1 Command Line Configuration Tasks 37
Control Access to Inbound Ports
An inbound port is one defined on thedev” option of the set ports
command for one of the following device types:
term for terminal connections.
min for incoming modem connections.
mio for bi-directional modem connections.
hdial or hio for computer connections.
The default configuration for inbound ports is that a login and password are
required to access them.
The login and password requirement for inbound ports can be changed by
configuring either of the following:
The port, so that it does not require a login and password. In this case,
no one is required to supply a login or password.
Specific users, so that they do not require a password. In this case,
some users do not supply passwords and others are required.
For more information, see "set ports" on page 176.
Change a Port’s Access Requirements
To configure a port so that no one has to login or specify a password, enter:
#> set logins range=range login=off passwd=off
For example:
#> set logins range=1-2 login=off passwd=off
For more information, see "set logins" on page 158.
Change a User’s Access Requirements
To configure a user so that they do not have to specify a password when
accessing an inbound port, enter:
#> set user name=name password=off
where name is a name to identify the user.
For example:
#> set user name=user1 password=off
For more information, see "set user" on page 238.
Configure Security Features
38 Chapter 1 Command Line Configuration Tasks
Control Access to Outbound Ports
An outbound port is one defined on the set ports dev” option, where “dev”
is set to one of the following device types:
prn for printer connections.
mout for outbound modem connections.
mio for bi-directional modem connections.
host for host connections.
ia for industrial automation devices.
The default for outbound ports is unlimited access.
Restrict Access to Outbound Ports
Use the set auth command to restrict access to outbound ports. See
"set auth" on page 94.
Use CHAP Authentication for PPP Users
CHAP authentication can be used to restrict PPP user access to outbound
ports. For more information on CHAP configuration, see "set user" on page
238.
Control User Access to the Command Line
You can restrict user access to the device server command line through the
following methods:
Using the autoconnection feature
Using menus
Using the Autoconnection Feature
The autoconnection feature allows you to configure a user to access the
device server but then be automatically connected to a host on the LAN.
You can implement autoconnection in the following ways:
By port, where all port users are automatically connected to the same
host. The device server is completely transparent to them. Use the
set ports command, with the options auto, autoservice, dest, dev,
and dport. See "set ports" on page 176.
By user, where a user is required to login and may be required to supply
a password, but once the user is authenticated, an automatic
connection to a host is made. Use the set user command, with the
options name, autoconnect, autohost, autoport, and defaultaccess.
See "set user" on page 238.
Using Menus
Menus select destination systems without having to access the device
server command line. Menus are created using the set menu command.
For information on configuring menus, see "set menu" on page 166.
Configure Security Features
Chapter 1 Command Line Configuration Tasks 39
Use RADIUS to Authenticate Users
The RADIUS feature is available on all PortServer TS Family products only.
It is not supported on Digi One Family devices.
RADIUS (remote authentication dial-in user service) is a method of
maintaining a database of profiles of dial-in users. These profiles can
include login and password information, as well as other user attributes.
The device server can be configured to use RADIUS. Digi device and
terminal servers are capable of authenticating reverse Telnet users with
RADIUS. The Service-Type attribute of the RADIUS server must be
defined correctly for the Digi devices to grant access.
RADIUS requires two components: an authentication host server, and
client protocols. The device server implements the client protocol. A host
must implement the authentication server application.
When a device server is configured for RADIUS, the authentication
process is as follows:
A user logs into device server.
The device server collects login information and then checks to see if
the user is in the local database of users.
If the user is in the local database, device server handles
authentication.
If the user is not in the local database, device server submits an
authentication request to the RADIUS server.
If the user is validated, the RADIUS server passes this information to
other devices and the user is permitted access. If the user is not
validated, the RADIUS server returns an access reject message to
device server, which then denies access to the user.
The “set radius” Command
To configure device server to function as a RADIUS client, enter a
set radius command that specifies the following:
• run=on
The IP address of the primary RADIUS server, on the primary option.
The primary server is the first server to which authentication requests
are sent.
A password (on the secret option)
For example:
#> set radius run=on primary=199.123.15.129 secret=J9CxegpP
For more information, see "set radius" on page 188.
Using a Secondary RADIUS Server
To use a secondary RADIUS server, supply a second set radius command
that specifies “run=on,” the IP address of the secondary server (on the
secondary option) and another password for the secondary server (on the
secret option).
# Meaning 0 This attribute must not be present. 0+ Zero or more instances of this attribute may be present. 0-1 Zero or one instance of this attribute may be present. 1 Exactly one instance of this attribute must be present. Request Accept Reject Challenge # Attribute 1 0 0 0 1 User—Name 0-1 0 0 0 2 User—Password 0-1 0 0 0 3 CHAP-Password 0-1 0 0 0 4 NAS—lP-Address 0-1 0 O 0 5 NAS—F'ort 0-1 0—1 0 0 6 Service-Type 0-1 0—1 0 0 7 Framed-Protocol 0-1 0—1 0 0 8 Framed-lF-Address 0-1 0—1 0 0 9 Framed-lF-Netmask 0 0—1 0 0 10 Framed-Routing 0 0+ 0 0 11 Filter-Id 0 0—1 0 0 12 Framed-MTU 0+ 0+ 0 0 13 Framed Compression 0+ 0+ 0 0 14 Login-lP—Host 0 0—1 0 0 15 Login-Servioe 0 0—1 0 0 16 Login-TCF-Port 0 0—1 0 0-1 27 Session-Timeout 0 0—1 0 0-1 28 Idle-Timeout
Configure Security Features
40 Chapter 1 Command Line Configuration Tasks
RADIUS Table Key
The numbers in the following tables have the following meaning:
RADIUS Attributes (RFC 2138) Supported
The following attributes are supported in the Digi device server RADIUS
client implementation.
# Meaning
0 This attribute must not be present.
0+ Zero or more instances of this attribute may be present.
0-1 Zero or one instance of this attribute may be present.
1 Exactly one instance of this attribute must be present.
Request Accept Reject Challenge # Attribute
1 0 0 0 1 User-Name
0-1 0 0 0 2 User-Password
0-1 0 0 0 3 CHAP-Password
0-1 0 0 0 4 NAS-IP-Address
0-1 0 0 0 5 NAS-Port
0-1 0-1 0 0 6 Service-Type
0-1 0-1 0 0 7 Framed-Protocol
0-1 0-1 0 0 8 Framed-IP-Address
0-1 0-1 0 0 9 Framed-IP-Netmask
0 0-1 0 0 10 Framed-Routing
0 0+ 0 0 11 Filter-Id
0 0-1 0 0 12 Framed-MTU
0+ 0+ 0 0 13 Framed Compression
0+ 0+ 0 0 14 Login-IP-Host
0 0-1 0 0 15 Login-Service
0 0-1 0 0 16 Login-TCP-Port
0 0-1 0 0-1 27 Session-Timeout
0 0-1 0 0-1 28 Idle-Timeout
# Attribute # Attribute 0-1 User-Name 0-1 Login-TCP-Pon 0 User-Password 0-1 Session-“meow 0 CHAP-Password 0-1 Idle-Tlmeout 0-1 NAS- IP-Address 1 Acm—Status-Type 0-1 NAS-Pon 0-1 Acm—Delay-TI me 0-1 Service-Type 0-1 Acm—Inpm-Octets 0-1 Framed-Protocol 0-1 Acm—O mput-Octe‘s 0-1 Framed-IP-Address 1 Acm—Session-Id 0-1 Framed-IP-Ne‘mask 0-1 Acm—Authentic 0-1 Framed-Routing 0-1 Acm—Session-Time 0+ Filter-Id 0-1 Acm—Inpm-Packes 0-1 Framed-MTU 0-1 Acm—Omput-Packets 0+ Framed-Compression 0-1 Acm—Termina‘e-Cause 0+ Login-IP-Hos‘ 0-1 Pen-Limit 0-1 Login Service
Configure Security Features
Chapter 1 Command Line Configuration Tasks 41
RADIUS Accounting Attributes (RFC 2139)
The following RADIUS accounting attributes are supported in the Digi
device server.
Issue User Passwords
To establish passwords for users, and issue them to users, use the
following commands:
set user with the password option to require a password of a user. See
"set user" on page 238.
newpass to create or change a user’s password. See "newpass" on
page 73.
This procedure assumes that you have signed on as root and already used
the set user command to configure the user to whom you will be issuing a
password.
1. Issue a newpass command that identifies the user (on the name
option) to whom this password will be issued.
2. When the system prompts you for a new password, type in the
password and then press Enter.
3. When the system prompts you to enter the new password again, type it
in and then press Enter.
# Attribute # Attribute
0-1 User-Name 0-1 Login-TCP-Port
0 User-Password 0-1 Session-Timeout
0 CHAP-Password 0-1 Idle-Timeout
0-1 NAS-IP-Address 1 Acct-Status-Type
0-1 NAS-Port 0-1 Acct-Delay-Time
0-1 Service-Type 0-1 Acct-Input-Octets
0-1 Framed-Protocol 0-1 Acct-Output-Octets
0-1 Framed-IP-Address 1 Acct-Session-Id
0-1 Framed-IP-Netmask 0-1 Acct-Authentic
0-1 Framed-Routing 0-1 Acct-Session-Time
0+ Filter-Id 0-1 Acct-Input-Packets
0-1 Framed-MTU 0-1 Acct-Output-Packets
0+ Framed-Compression 0-1 Acct-Terminate-Cause
0+ Login-IP-Host 0-1 Port-Limit
0-1 Login Service
Configure Security Features
42 Chapter 1 Command Line Configuration Tasks
Configure SSH Version 2 Encryption for Secure Communication
Users can be configured to use SSH version 2 encryption for secure
communication. SSH keys need to be generated from your SSH client.
SSH is supported in Digi One IAP and all PortServer TS Family products.
To configure simple password authentication for an SSH user, no SSH-
specific configuration is required. Configure a user by entering:
#> set user name=name password=on
#> newpass name=name
where name is a user name. For example:
#> set user name=ssh-user1
#> newpass name=ssh-user1
For more information, see "set user" on page 238, and "newpass" on page
73.
Use a Public Key
To enable public key authentication and to associate a public key with a
user, enter:
#> set user name=name loadkey=host:key
where
name is the name of a user
host is either an IP address or DNS name of a host running TFTP that
holds
key is the name of a file that contains the ECDSA public key. If your
host’s implementation requires a complete path to the file, specify the
path here as well. SSH keys need to be generated from your SSH
client.
For example:
#> set user name=secure loadkey=192.168.2.34:ssh-file
See "set user" on page 238 for more information.
Make Reverse SSH Connections to Ports
The convention used to identify a port for a reverse SSH connection to a
Digi device is to use base_port+ 500 + port_number. The base_port is
pre-configured as 2000, so by default, the base_port value is 2500+port.
For example:
Reverse SSH connection to Port 1: ssh 192.1.2.3 2501
Reverse SSH connection to Port 4: ssh 192.1.2.3 2504
Configure Security Features
Chapter 1 Command Line Configuration Tasks 43
Control Access to Services
You can disable services, such as Telnet and Rlogin, for inbound users,
which means that users cannot access the Digi device using those
services. This feature allows you to turn off individual services or to specify
a security level, which means that all services not included in that level are
turned off. To control access to services for inbound users, see
"set secureaccess" on page 201.
Services that Can Be Disabled
The following services can be disabled:
HTTP
• RealPort
Reverse TCP
Reverse Telnet
Remote login
Remote shell
• SNMP
• SSH
• Telnet
Service Levels
The service levels, or levels of secure access, are as follows:
secure means that SSH is the only service available to inbound users.
high means that SSH, HTTP, SNMP, and RealPort services are
available to inbound users.
normal means all services are available.
custom means you can select services to turn off.
The default service level is normal.
Examples
Disable inbound Telnet connections
#> set secureaccess telnet=off
Disable all services except SSH
#> set secureaccess level=secure
Configure Power Over Serial Ports
44 Chapter 1 Command Line Configuration Tasks
Configure Power Over Serial Ports
Power over serial ports is only available for the PortServer TS P MEI
Family. Power over serial ports is a hardware feature. Enabling this feature
involves changing a jumper inside the device. See the Digi One and
PortServer TS Family User Guide’s chapter on power over ports for more
details.
Reset the Circuit Breaker
From the command line, the only power-related task you can perform is to
reset the circuit breaker.
1. Display the status of the circuit breaker by entering:
#> display circuitbreaker
or
#> set config print
2. Reset the circuit breaker by entering:
#> set configuration circuitbreaker=reset
For more information, see "display" on page 63, and "set config" on page
100.
To: Use This Command: Set common user-related features set user Assign a password to a user newpass Configure a menu to be automatically displayed for a user set user defaultaccess=menu option Automatically connect a user set user - autooonnect, autohost, Defines the number of outbound ports a user connected over the set user - maxsessions option Remove a user from the user table remove Use a RADIUS server to set user attributes set radius
Configure User Attributes
Chapter 1 Command Line Configuration Tasks 45
Configure User Attributes
Although not required, a Digi device is often configured to accommodate
requirements of particular users. Typical configurable user attributes
include whether the user is required to supply a password; autoconnection
attributes, such as the system to which the user should be automatically
connected at login; the interface the device presents the user, such as a
menu or command line; and whether the user has access to outbound
ports.
User attributes are configured by the following commands:
To: Use This Command:
Set common user-related features set user
Common user-related features are
described in "Common Configurable
User Features" on page 46.
Assign a password to a user newpass
Configure a menu to be automatically displayed for a user set user defaultaccess=menu option
Automatically connect a user set user - autoconnect, autohost,
autoport, autoservice options
Defines the number of outbound ports a user connected over the
LAN can access at one time.
set user - maxsessions option
Remove a user from the user table remove
Use a RADIUS server to set user attributes set radius
Feature “set user" Op on Desc pt on accesstime acoesstime Determines the times and days the user can access the autoconnect autoconnect Automatically connects the user to the host specified on the Default access defaultacoess Defines the type of access the user is restricted to. Allowed Menu access menu Defines the menu that is to be presented to a user with menu Port access maxsessions Defines the number of outbound ports a user connected over PPP There are too many Defines PPP-related options for the user. Routing netrouting Defines whether RIP routing updates are forwarded over the
Configure User Attributes
46 Chapter 1 Command Line Configuration Tasks
Common Configurable User Features
Here are common user-related features configurable by set user
command options. For a complete list of features, see "set user" on page
238.
Feature “set userOption Description
accesstime accesstime Determines the times and days the user can access the
device server.
autoconnect autoconnect
autohost
autoport
autoservice
Automatically connects the user to the host specified on the
autohost option using the service (TCP port) defined on the
autoport or autoservice options. Autoconnection can also be
implemented by port instead of by user.
Default access
type
defaultaccess Defines the type of access the user is restricted to. Allowed
types are menu, command line, autoconnect, outgoing,
and netservice.
Menu access menu Defines the menu that is to be presented to a user with menu
access.
Port access maxsessions Defines the number of outbound ports a user connected over
the LAN can access at one time.
PPP There are too many
options to list here. See
the set user command
for more information.
Defines PPP-related options for the user.
Routing
updates
netrouting Defines whether RIP routing updates are forwarded over the
link to this user.
Configure Embedded Modem
Chapter 1 Command Line Configuration Tasks 47
Configure Embedded Modem
Configure the embedded modem with the set embmodem command. For
more information see "set embmodem" on page 112.
The embedded modem feature can be configured from the Web interface
(enter the IP address in the URL address bar of your browser, and log in
with user name root). Note: The default username is root and the default
password is printed on the device label. If a password is not on the label,
the default password is dbps. If neither default password works, the
password may have been updated. Check with your system administrator.
Configuration Management
48 Chapter 1 Command Line Configuration Tasks
Configuration Management
Configuration management tasks performed from the command line
include:
Upgrading firmware
Copying the configuration to and from a remote host
Resetting the configuration to defaults
Upgrade Firmware
To upgrade firmware, use the boot command. See "boot" on page 55.
Copy the Configuration to and from a Remote Host (Backup/Restore)
To use the command line to copy the configuration to and from a remote
host, use the cpconf command. See "cpconf" on page 62.
Reset the Configuration to Defaults
To reset the configuration to factory defaults or the latest version stored in
NVRAM, use the revert command:
#> revert all=factory
or:
#> revert all=nvram
Alternatively, you can use the “boot” command:
#> boot action=factory
The revert command allows you more control over which portion of the
configuration is restored. That is, you can also use the revert command’s
range option to define a range of ports with the serial, port, line, flow,
keys, and login options. For more details, see "revert" on page 83.
Chapter 2 Command Descriptions 49
This chapter provides the following:
Basic information that applies to all commands, including navigation
and editing keys, displaying online help, abbreviating commands, and
syntax conventions.
A description of each command.
Chapter 2 C o m m a n d D e s c r i p t i o n s
Basic Command Information
50 Chapter 2 Command Descriptions
Basic Command Information
Navigation and Editing Keys
Use the keys listed in the table to navigate the command line and edit
commands:
Displaying Online Help
Help is available for all commands. The table describes how to access it.
Action Keys
Move the cursor back one space Ctrl b
Move the cursor forward one space Ctrl f
Delete the character to the left of the cursor Back space or Ctrl h
Delete the character under the cursor Delete
Scroll back through commands Ctrl p
Scroll forward through commands Ctrl n
Execute the command Enter
For information on... Type
All commands ? (with no additional parameters)
A specific command The command and then ? For example:
#> info ?
#> set user ?
Basic Command Information
Chapter 2 Command Descriptions 51
Verifying Device Support for Commands
For verification that a device supports a particular command, you can enter
several commands. For example:
help displays all supported commands for a device.
? displays all supported commands for a device.
set ? displays the syntax and options for the set command. You can
use this to determine whether the device includes a particular set
command variant.
help set displays syntax and options for the set command.
set service ? displays the syntax and options for the set service
command.
help set service displays the syntax and options for the set service
command.
Some options may become available in new firmware revisions or before
new documentation is released.
Some commands relate only to particular features unique to specific
devices. Other commands may have options that are specific to features
that are not available on all devices. These device-specific commands and
options are noted in the command descriptions.
Abbreviating Commands
All commands can be abbreviated by suppling enough letters to uniquely
identify the command.
Syntax Conventions
Presentation of command syntax in this manual follows these conventions:
Brackets [ ] surround optional material.
Braces { } surround entries that require you to chose one of several
options, which are separated by the vertical bar |.
Non-italicized text indicates literal values, that is, options or values that
must be typed exactly as they appear. yes and no option values are
examples of literals.
Italicized text indicates that a type of information is required in that
option. For example, filename means that the name of a file is required
in the option.
Basic Command Information
52 Chapter 2 Command Descriptions
Entering Special Characters in String Values
s have options that are string values. String values may involve special
characters or be subject to length limitations.
Escape Sequences for Special Characters
Special characters can be entered in strings using the following escape
sequences:
Length Limitations on String Vales
String values for certain command options have specific limitations on the
maximum total string value including special characters, and the maximum
parsed value (that is, the character-string length when any escape
sequences in the string are processed). The option descriptions note these
maximum lengths.
Octal values are limited to a byte (/377). For example, /377 is translated as
octal 377 (equal to \xff), but /378 is translated as octal 37 (\x1f), then an 8
character.
Escape
Sequence Processed as:
\* Match any character.
\a Alert character.
\b Backspace character.
\f Form-feed character.
\n New-line character.
\r Carriage-return character.
\s Acts as a separator between characters. This sequence allows
entering a string such as \xB8\s4 where B8 should be translated as a
hexadecimal character separate from the numeric character 4.
\t Horizontal tab character.
\v Vertical tab character.
\\ Backslash character ( \ ).
\xNA hexadecimal number, where N is up to 20 hexadecimal digits. For
example: \x10\x2
\NAn octal byte, where N is up to 3 octal digits. For example: \2 or \208
Commands for Managing Connections and Sessions
Chapter 2 Command Descriptions 53
Commands for Managing Connections and Sessions
These commands are used to manage connections and sessions:
close: Closes active sessions that were opened by connect, rlogin,
and telnet commands.
connect: Makes a connection, or establishes a connection, with a serial
port.
exit and quit: These commands terminate a currently active session.
who and kill: The who command displays a global list of connections.
The list of connections includes those associated with a serial port or
the command-line interface. who is particularly useful in conjunction
with the kill command, which terminates active connections. Use who to
determine any connections that are no longer needed, and end the
connections by issuing a kill command.
ping: Tests whether a host or other device is active and reachable.
reconnect: Reestablishes a previously established connection; that is,
a connection opened by a connect, rlogin, or telnet command; the
default operation is to reconnect to the last active session.
rlogin: Performs a login to a remote system.
send: Sends a Telnet control command, such as break, abort output,
are you there, escape, or interrupt process, to the last active Telnet
session.
status: Displays a list of sessions, or outgoing connections made by
connect, rlogin, or telnet commands for a device. Typically, the status
command is used to determine which of the current sessions to close.
telnet: Makes an outgoing Telnet connection, also known as a session.
admin
54 Chapter 2 Command Descriptions
admin
Purpose Used to temporarily access commands reserved for administrators (root)
when logged in as a normal (non-root) user.
After issuing the admin command, the following occurs:
1. A prompt requesting the root password appears.
2. You enter the root password.
3. If the password is accepted, the device displays the root prompt,
indicating that you can issue commands reserved for administrators. If
the password is not accepted, the device displays the message,
Incorrect password.
Required
Permissions
Only normal users can use the admin command.
Syntax admin
Example #> admin
See Also For information on ending temporary root sessions, see the following
commands:
"exit" on page 66.
"quit" on page 79.
boot
Chapter 2 Command Descriptions 55
boot
Purpose Performs the following functions:
Reboots the device server.
Restores the configuration to defaults.
Loads new POST code from a TFTP server.
Loads a new firmware into flash ROM from a TFTP host.
Users of PortServer TS Family and Digi One IAP devices must be very
careful with the load option. If this operation fails and then you reboot the
device, the unit may not work. To ensure success, do the following:
1. Attempt to boot from a remote firmware image before issuing the
boot load command. See "set config" on page 100 for more informa-
tion.
2. After issuing the boot load command, ensure that you receive the
message The image in flash now appears valid. If you do not receive
this message, do not reboot. Contact Digi technical support for
instructions on what to do next.
Required
Permissions
Root privileges are required to use this command.
Syntax Reboot the Device Server
boot action=reset
Restore Configuration Defaults
boot action={eewrite|factory|reset}
switch={factory|user}
Load New Firmware from a TFTP Host
boot load={host ip address|host name }:[lo ad fil e]
Load New POST Code (Digi One and PortServer TS Only)
boot load-post=tftp server ip:filename
Load New Boot Code (PortServer TS 8/16 Only)
boo t load-bo ot
boot
56 Chapter 2 Command Descriptions
Options action={eewrite|factory|reset}
The action to be performed.
eewrite
Resets all but the network-related parts of the configuration to
defaults. Ports, users, passwords, and most other features are reset.
This option does not apply to the PortServer TS 8/16.
factory
Resets the entire configuration to defaults. For PortServer TS 8/16,
this option also reverts to the factory EOS.
reset
Reboots the device.
load={host ip address|host name}:[load file]
The firmware to be loaded.
Windows users may need to download file tftpd.exe and put in the same
directory as the firmware. Execute this file before entering the boot load
command.
{host ip address|host name}
The IP address or host name of the TFTP server with new firmware
that is to be burned into flash ROM.
[load file]
The firmware file. The firmware must be renamed first by removing the
_ (82000774e.bin).
load-post=tftp serverip:filename
The POST or boot code to be loaded.
tftp server ip
The IP address of a server running TFTP.
post file name
The file that holds the new POST or Boot code.
switch={factory|user}
Determines the firmware to use on reboot. This option applies to
PortServer TS 8/16 only.
factory
The firmware that shipped with the device.
user
The most recent firmware upgrade.
boot
Chapter 2 Command Descriptions 57
Examples Reload Firmware and Reset Configuration to Defaults
#> boot action=factory
Reset All Parts of the Configuration Except Network Settings to
Defaults
This example does not apply to PortServer TS 8/16.
#> boot action=eewrite
Reboot Device and Use Current Firmware and Configuration
#> boot action=reset
Load Firmware Using a Boot Host
The command loads the firmware stored on the host into flash ROM. A
reboot is required to use the new firmware.
#> boot load=198.150.150.10:os-1
See Also "cpconf" on page 62 for information on saving the current configuration
to a host prior to restoring the configuration to defaults.
"revert" on page 83 for information on restoring configuration defaults to
the latest configuration stored in NVRAM.
close
58 Chapter 2 Command Descriptions
close
Purpose Closes active connect, Rlogin, and Telnet sessions; that is, sessions
opened by connect, rlogin, or telnet commands.
The close command is associated with the sessions displayed by the
status command. That is, you can only close sessions that are displayed
by the status command by issuing a close command, and not by the kill
command. A close command issued without options closes the current
connection.
To issue the close command, you must escape the active session. To do
this, press the escape key defined for your session type. The following
table lists default escape keys.
Required
Permissions
Anyone can use this command.
Syntax close [{*|connection number}]
Options *
Closes all active sessions.
connection number
Identifies the session to close by its session number.
Examples Close a Session Identified by Number
#> close 1
Close the Current Session
#> close
See Also "Commands for Managing Connections and Sessions" on page 53
"connect" on page 60.
"exit" on page 66.
"kill" on page 70. The kill command has a broader effect than close,
and lets you kill connections from the global list. That is, it is not limited
to sessions associated with the current connection.
"mode" on page 71.
"quit" on page 79.
"reconnect" on page 80.
"rlogin" on page 87.
Session Type Default Escape Keys
Connect Ctrl [ Enter
Rlogin ~ Enter
Telnet Ctrl ] Enter
close
Chapter 2 Command Descriptions 59
"send" on page 89.
"set user" on page 238 for information on defining escape keys for
Telnet, Rlogin, and connect sessions.
"status" on page 255 to display status information on active sessions.
"rlogin" on page 87.
"telnet" on page 256.
"who" on page 262.
connect
60 Chapter 2 Command Descriptions
connect
Purpose Initiates a local connection on a port.
There are several ways of using the connect command:
To make multiple connections, issue multiple connect commands.
To temporarily suspend a connection, escape the active session by
pressing the escape character defined on the set user command. The
default escape character is Ctrl [ (Control key and left bracket).
To temporarily suspend a connection and return to the command line,
press the escape character and then the Enter key.
To switch between active sessions (without first escaping to the
command line), press the escape character and then the number of the
session you wish to enter. Pressing the connect escape character twice
causes the next session to appear, enabling you to easily page through
sessions.
Required
Permissions
Anyone can use this command.
Syntax connect {serial_port|hu n t_g ro up|id name}
Options serial_port
The number of the port on which to establish a connection.
hunt_group
Identifies a hunt group, which is defined by the set ports group=group
command.
id name
The name of the port, defined on the set ports command, on which to
establish a connection.
Example The following command creates a connection to port 1:
#> connect 1
See Also "close" on page 58.
"exit" on page 66.
"kill" on page 70.
"mode" on page 71
"quit" on page 79.
"reconnect" on page 80 for information on reestablishing a port
connection.
"rlogin" on page 87.
"send" on page 89.
"set user" on page 238 for information on defining an escape character.
"set ports" on page 176 for information on defining a hunt group.
connect
Chapter 2 Command Descriptions 61
"status" on page 255 to display status information on active sessions.
"telnet" on page 256.
"who" on page 262.
"Commands for Managing Connections and Sessions" on page 53.
cpconf
62 Chapter 2 Command Descriptions
cpconf
Purpose Used to:
Copy a configuration to and from a remote host (backup/restore)
Display the configuration on a terminal.
Required
Permissions
Root privileges are required to use this command.
Syntax cpconf {fromhost=host[:fi l e]|tohost={host [:f i le]|term}}
Options fromhost=host[:file]
Copies the configuration from the host and file specified. Be sure to:
Identify the host by either its IP address or DNS name.
Separate host and file options by colons.
If you do not specify a file name, the default file name, config.ps3, is
used.
tohost={host[:file]
Copies the configuration to the host and file specified. Be sure to:
Identify the host by either its IP address or DNS name.
Separate the host and file information by a colon.
If the file name is not specified, the default file name, config.ps3, is used.
TFTP must be running on the host. For transfers to the Digi device, the
file must be in the TFTP directory and assigned read-write permissions
for all users.
term
Displays the configuration file on the terminal that issued the command.
Examples Copy Configuration from a Host
#> cpconf fromhost=190.150.150.10:ps-cnfg1
Copy Configuration to a Host
#> cpconf tohost=190.150.150.10:ps-cnfg1
Copy Configuration to a Terminal
#> cpconf term
display
Chapter 2 Command Descriptions 63
display
Purpose Used to:
Display the status of the EIA-232 signals on serial ports.
Display a list of errors.
Clear the errors list.
Display information on Digi devices that use dip-switch settings to
enable multiple electrical interface (MEI) on serial ports.
Display power information for the Digi devices that support the Power
Over Ethernet feature.
Display the contents of a port buffer. This command variation is covered
separately; see "display buffers" on page 65.
Required
Permissions
Anyone can use this command to display information. Root privileges are
required to clear the errors list.
Syntax Display Information
display {port
range=port-port|error|power|switches|circuitbreaker}
Clear Errors
display error clear
Options port
Displays signal state for the ports specified on the range option. There is
only one port on Digi One Family devices.
range=port-port
A range of ports. There is only one port on the Digi One Family devices.
error
Clears all errors from the errors list when the clear option is specified, or
displays a list of errors when the clear option is not specified.
power
Displays status of power sources for the Digi devices that support the
Power Over Ethernet option. This option applies to the PortServer TS P
MEI Family and Digi One IAP only.
switches
Displays dip switch settings for devices supporting MEI.
circuitbreaker
Displays status of the circuit breaker.
clear
When used with the error option, clears the errors list.
display
64 Chapter 2 Command Descriptions
Examples Display Configuration Information on a Port
#> display port range=1
Display Configuration Information on a Range of Ports
#> display port range=1-2
Display a List Of Errors
#> display error
Display Information on Dip Switch Settings
#> display switches
Display Power Information
#> display power
Clear Errors
#> display error clear
See Also "display buffers" on page 65 to display the contents of a port buffer.
The display command’s focus is on real-time information. In contrast, the
info command displays statistical information about a device over time,
while the status command displays the status of outgoing connections
(connections made by connect, rlogin, or telnet commands). For more
information, see these commands:
"info" on page 68.
"status" on page 255.
display buffers
Chapter 2 Command Descriptions 65
display buffers
Purpose Used to:
Display the contents of a port buffer.
Transfer the contents to a server running TFTP.
Configure the screen parameters.
Required
Permissions
Root privileges are required to use this command.
Syntax display buffers [range=r an ge]
{screen [lines=number] [tail=n u mb er]|tftp=server:filename}
Options range=range
The port or ports to which the command applies.
screen
Displays the contents of the port buffer on the screen.
lines=number
The number of lines of data to display at a time when the screen option
is specified. Use 0 to indicate continuous flow.
tail=number
The total number of lines in the buffer to be displayed. The number is
calculated from the end of the buffer counting back.
tftp=server:filename
server
The IP address or DNS name of a server running TFTP to which buffer
information should be transferred.
filename
The name to use for the file that will be transferred to the TFTP server.
Examples Display Port Buffering Information on the Screen
#> display buffers range=2 screen lines=32 tail=30
Output Buffering Information to a TFTP Server
#> display buffers range=2 tftp=stambrose:port_ouput
See Also "set buffer" on page 97
exit
66 Chapter 2 Command Descriptions
exit
Purpose Used to terminate either of the following sessions:
Your current session.
A temporary root session. If you are in a root session, the exit
command returns you to a regular session.
Required
Permissions
Anyone can use this command.
Syntax exit
Example #> exit
See Also "admin" on page 54 for information on starting a temporary root
session.
"close" on page 58.
"connect" on page 60.
"kill" on page 70.
"mode" on page 71.
"quit" on page 79 for an alternate method of ending a root session.
"reconnect" on page 80.
"rlogin" on page 87.
"send" on page 89.
"status" on page 255.
"telnet" on page 256.
"who" on page 262.
"Commands for Managing Connections and Sessions" on page 53.
help
Chapter 2 Command Descriptions 67
help
Purpose Displays information on commands.
Required
Permissions
Anyone can use this command.
Syntax help
Example #> help
See Also "Displaying Online Help" on page 50.
info
68 Chapter 2 Command Descriptions
info
Purpose Displays or clears statistics, including protocol, interface, IA, serial, and
UDP over serial. The statistics displayed are those gathered since the
statistics tables were last cleared.
Required
Permissions
Normal users can view statistics tables. Root privileges are required to
clear them.
Syntax Clear Statistics
info clear
{protocol|network|serial:port |ia:protocol|sou:range}
Display Statistics
info {p roto c ol |{network|serial:po rt |ia:p r ot oco l|sou:r an ge}
Options info clear
Clears all the statistics tables. This command resets all the counts in the
statistics tables to zero.
info {protocol | network | serial:port | ia:protocol | sou:range}
Displays one or more statistics tables, depending on the option specified.
The syntax options and results are:
.
Syntax Result Example
info clear All statistics are cleared. info clear
info protocol
where protocol is one of the
following: frame, modbus, ip,
icmp, ethernet tcp, or udp.
frame, modbus, ip, icmp, tcp,
or udp tables are displayed.
info ip
info network All network interface statistics
are displayed.
info network
info serial:port
where port the port number.
Port statistics are displayed.
For descriptions of these
statistics, see About the port
statistics displayed by "info
serial" on page 69.
info serial:1
info ia:protocol
where protocol is one of the
following: Compoway/F,
df1fullduplex, fins, hostlink,
modbus, userdefined.
IA protocol statistics are
displayed.
info ia:modbus
info sou:range
where range is the port or ports.
Serial over UDP statistics
associated with a serial port
are displayed.
info sou:2
info
Chapter 2 Command Descriptions 69
About the port statistics displayed by "info serial"
The statistics displayed by info serial include data, event, and error
counts, described below. These statistics are useful in understanding how
the device is operating and can be helpful in finding problems. In particular,
if an error counter is found to be increasing, there may be a problem in the
device. The numbers on these statistics will only increase from their
previous counts, unless you set the count back to zero by issuing an
info clear command.
Examples Display the IP Table
#> info ip
Display Modbus Information
#> info ia:modbus
Display Serial Over UDP Statistics for Port 1
#> info sou:1
Clear All Network Statistics Tables
#> info clear
See Also The info command displays statistical information about a device over
time. In contrast, the display command’s focus is on real-time information,
while the status command displays the status of outgoing connections
(connections made by connect, rlogin, or telnet commands). For more
information, see these commands:
"display" on page 63.
"status" on page 255
Statistic Description
rbytes The number of bytes received.
tbytes The number of bytes transmitted.
sigchange The number of times the signals have changed states.
norun The number of times FIFO has overrun.
noflow The number of times the Received buffer has overrun.
nframe The number of framing errors detected.
nparity The number of parity errors detected.
nbreak The number of breaks detected.
kill
70 Chapter 2 Command Descriptions
kill
Purpose Clears or resets sessions on ports. The kill command is associated with
the connections displayed by the who command. That is, you can only
close connections that are displayed by the who command by issuing a kill
command, and not by the close command.
Required
Permissions
Root privileges are required to use this command.
Syntax kill {tty=tty number|tty=tty range}|t ty num ber|tty range}
Options tty=tty number
A port on which to clear a session. Number = 1.
tty=tty range
A range of ports on which to clear sessions. Range = 1.
tty number
An alternate method of specifying the number of the port on which to
clear a session. Number = 1.
tty range
An alternate method of specifying a range of ports on which to clear
sessions. Range = 1.
Examples Kill a Session on a Specific Port
#> kill tty=1
Kill a Session on a Range of Ports
#> kill tty=1-2
See Also "close" on page 58, to close sessions for the current connection.
• session.
"connect" on page 60.
"mode" on page 71.
"quit" on page 79 for an alternate method of ending a root session.
"reconnect" on page 80.
"rlogin" on page 87.
"send" on page 89.
"status" on page 255.
"telnet" on page 256.
"who" on page 262, for information on determining current users.
"Commands for Managing Connections and Sessions" on page 53.
mode
Chapter 2 Command Descriptions 71
mode
Purpose Changes or displays the operating options for a current Telnet session.
Required
Permissions
Anyone can use this command.
Syntax Change Telnet Options
mode [bin={on|off}]
[crmod={on|off}]
[crlf={on|off}]
Display Telnet Options
mode
Options bin={on|off}
Specifies whether binary mode is enabled.
on
Turns on binary mode, which means that all transmitted and received
characters are converted to binary during this Telnet session.
off
Turns off binary mode off for this Telnet session. The default is off.
crmod={on|off}
Specifies whether line feeds replace received carriage returns.
on
Specifies that line feeds replace received carriage returns.
off
Specifies that line feeds do not replace received carriage returns. The
default is off.
crlf={on|off}
Specifies whether line feeds are added to transmitted carriage returns.
on
Specifies that line feed characters are added to transmitted carriage
returns.
off
Specifies that line feed characters are not added to transmitted
carriage returns. The default is off.
mode
72 Chapter 2 Command Descriptions
Examples Turn on Binary Mode
#> mode binary=on
Add Line Feed Characters
#> mode crmod=on crlf=on
Display Operating Options
#> mode
See Also "close" on page 58.
"connect" on page 60.
"exit" on page 66.
"kill" on page 70.
"quit" on page 79.
"reconnect" on page 80.
"rlogin" on page 87.
"send" on page 89.
"status" on page 255
"telnet" on page 256.
"who" on page 262.
"Commands for Managing Connections and Sessions" on page 53.
newpass
Chapter 2 Command Descriptions 73
newpass
Purpose Used to create or change your own password, if you are logged in under
your own name, the root password, or another user’s password, if you are
logged in as root.
When you enter the newpass command, a series of prompts guide you
through the process of changing a password.
Required
Permissions
Any user can change their own password. Root privileges are required to
change someone else’s password or the root password.
Syntax newpass [name=username]
Option name=username
The name of the user (configured with the set user command) whose
password will be created or changed. This option is available only if you
have root privileges.
Example The following command initiates a dialog that changes the user’s
password:
#> newpass
See Also "set user" on page 238 for information on configuring users.
ping
74 Chapter 2 Command Descriptions
ping
Purpose Tests whether a host or other device is active and reachable.
Required
Permissions
Anyone can use this command.
Syntax ping [continuous]
[fill=char]
{hostname|ip addr}
[intv=msec]
[loose_sroute=ip addr ,ip add r...]
[npkts=num ]
[pksiz=bytes]
[record_route]
[strict_sroute=ip addr,ip addr...]
[verbose]
Options continuous
Specifies that ping commands be sent continuously until stopped. Press
the interrupt keys to stop continuous pings. The default interrupt keys are
<Ctrl-C>.
fill=char
Specifies characters to include in the data portion of the echo reply.
hostname|ip addr
Identifies the target of the ping by an IP address or domain name.
intv=msec
The interval in milliseconds between pings. The range is -1 to 60,000.
The default is 1000 milliseconds (one second). A value of -1 means that
echoes will be continuously sent until the value in the npkts option is
reached.
loose_sroute=ip addr,ip addr...
Specifies that the ping command should pass through the routers
indicated on its way to the target host. These routers are identified by
their IP addresses.
npkts=num
The number of packets to include with each ping command. The range
is 1 to 30,000. The default is 1.
pksiz=bytes
The size of the ping packet in bytes. The range is 0 to 20000. The default
is 56.
record_route
Specifies that routers handling the ping command include their IP
addresses in the echo reply.
strict_sroute=ip addr,ip addr...
Specifies that the ping command should pass through the routers
indicated—and only those indicated—on its way to the target host.
Routers are identified by their IP addresses.
ping
Chapter 2 Command Descriptions 75
verbose
Specifies that echo replies include statistics associated with the ping
command, such as round-trip time and number of packets transmitted
and received.
Examples Specify a Simple Ping
The ping command determines whether the specified host can be
reached.
#> ping 199.150.150.10
Specify Loose Source Routing
The command specifies that the ping command must pass through the
routers identified on the loose_sroute option, but may pass through
additional routers as well.
#> ping 199.150.150.10 loose_sroute=199.150.160.10,190.150.161.10
Specify Strict Source Routing
The command specifies that the ping command passes through the
routers identified on the strict_sroute option, and only those routers. If it
cannot reach the destination along this path, the destination is regarded as
unreachable.
#> ping 199.150.150.10 strict_sroute=199.150.160.10,190.150.161.10
power
76 Chapter 2 Command Descriptions
power
Purpose Manages power controllers attached to the PortServer TS device. This
command can control the power state of specific ports on PortServer TS
devices or devices connected to the ports, display the power state of
specific ports on the PortServer TS devices, and display the status of a
power unit. This command is context-sensitive. The action specified will
determine whether it applies to a power unit or a device connected to a
power unit.
Required
Permissions
Root privileges, users with command-line access, or users with specific
menu access on ports are required to view or change states.
Syntax power [action={clear|on|off|reboot|show}]
[range=port#]
[outlet=outlet# ]
[id=powerdeviceid]
[group=group# ]
An outlet can be specified either by entering an outlet number or by using
the id and/or group options.
Options action={clear|on|off|reboot|show}
The action to be performed, used in conjunction with range, outlet, id, or
group options.
clear
Clears the maximum detect current parameter of the specified power
control unit.
on
The outlet or outlets configured to the device will receive power.
off
The outlet or outlets configured to the device will not receive power.
reboot
The outlet or outlets configured to the device will be power cycled with
a 10 second wait until the user is prompted again. This command only
works if the outlets are already receiving power.
show
Displays the status of the unit and/or devices connected for the
specified range.
range=port#
Performs the specified action on the power unit with the specified index.
outlet=outlet#
Performs the specified action on the device with specified index.
id=powerdeviceid
Performs the specified action on the device unit with the specified ID.
This option must be used with the action option.
power
Chapter 2 Command Descriptions 77
group=group#
Performs the specified action on an outlet with the specified group
number.
Examples Display Outlet Status
This command displays the status of the outlets, including whether they are
on or off, their IDs, and the group number.
#> power action=show range=2 outlets=3
Or:
#> power range=2 outlet=3
Display Power Unit Status
This example displays the status a power controller that is connected to a
Digi PortServer TS device but not fully configured yet. The items to be
displayed include:
Remote Power Control Unit ID (or which port it is on)
Average Power
Apparent Power
True RMS Voltage
True RMS Current
Maximum Current Detected
Internal Temperature
Outlet Circuit Breaker Status
Alarm Threshold
#> power action=show
unit : 1
status : NOT CONFIGURED
unit : 2
type : digi_rpm
model : RPM10 ( v1.0.0 )
size : 10
Circuit Breaker status - : Good
Voltage V : 121.0
RMS Current Amps: 0.0
Max Current Detected Amps: 0.0
Alarm Threshold Amps: 99.0
Temperature C : 27.0
Control Power To a Port
This example turns off the power to all outlets affiliated with group 3.
#> power group=3 action=off
power
78 Chapter 2 Command Descriptions
Clear the Maximum Current Detected
This example clears the maximum current detected variable for the power
unit on port 8.
#> power action=clear range=8
Control a Device With a Device Range
This example turns on the power to the device on the unit 2 connected to
the outlet 3.
#> power action=on range=2 outlet=3
Control a Device with an ID
In this example, the power to all outlets affiliated with a device named
Router will be rebooted. This command will only work if the outlets are all
currently on.
#> power action=reboot id=Router
See Also "set powerunit" on page 182.
The Digi One and PortServer TS Family User Guide’s chapter on Digi
Remote Power Manager (Digi RPM).
quit
Chapter 2 Command Descriptions 79
quit
Purpose Ends the following types of sessions:
The current session. If you are in a regular or root session, quit closes
the session.
A temporary root session. If you are in a root session started with the
admin command, quit returns you to a regular session.
Required
Permissions
Anyone can use this command.
Syntax quit
Example #> quit
See Also "admin" on page 54 for information on temporarily accessing
commands reserved for the administrator.
"close" on page 58.
"connect" on page 60.
"exit" on page 66.
"kill" on page 70.
"mode" on page 71.
"reconnect" on page 80.
"rlogin" on page 87.
"send" on page 89.
"status" on page 255
"telnet" on page 256.
"who" on page 262.
"Commands for Managing Connections and Sessions" on page 53.
reconnect
80 Chapter 2 Command Descriptions
reconnect
Purpose Reestablishes a previously established connection. This command applies
only to sessions that have been backed-out of, but not closed.
Required
Permissions
Anyone can use this command.
Syntax reconnect [{serial port|p=se rial p ort|s=s ess i on}]
Options serial port
The serial port to which this command applies.
p=serial port | s=session
The serial port or session to which this command applies.
Example Reconnect to the Last Port Used
#> reconnect
See Also "connect" on page 60 for information on establishing a connection on a
selected port.
"close" on page 58 for information on ending a connection.
"exit" on page 66.
"kill" on page 70.
"quit" on page 79.
"mode" on page 71.
"rlogin" on page 87.
"status" on page 255 for information on gathering status on current
connections.
"send" on page 89.
"telnet" on page 256.
"who" on page 262.
"Commands for Managing Connections and Sessions" on page 53.
remove
Chapter 2 Command Descriptions 81
remove
Purpose Removes entries from configuration tables.
Required
Permissions
Root privileges are required to use this command.
Syntax remove table name {range=ra n ge|name=name|ip=i p addre ss}
Options table name
One of the following configuration table names:
• altip
• arp
• auth
chat
• device
• filter
• host
• ippool
• menu
• powerunit
• route
• script
• service
• snmpauth
• telnetip
• term
• user
range=range
Removes entries from one of the device server configuration tables
based on the range of table index entries.
name=name
Removes an entry from a configuration table based on the name
specified. This form of the command works only on entries that can be
identified by name, such as entries in the user table.
ip=ip address
Removes an entry from a configuration table based on the IP address
specified. This form of the command works only on entries that can be
identified by an IP address, such as entries in the auth or altip tables.
remove
82 Chapter 2 Command Descriptions
Examples Remove an Entry From User Table by Name
#> remove user name=martymertz
Remove an Entry from altip Table by IP Address
#> remove altip ip=192.168.2.120
Remove an Entry from altip Table by Index Number
#> remove altip range=3
See Also The set commands used to add or display values in the configuration
tables.
revert
Chapter 2 Command Descriptions 83
revert
Purpose Restores the configuration to defaults or to the latest configuration stored in
NVRAM. The revert command does not restore network-related parts of
the configuration to defaults.
Required
Permissions
Root privileges are required to use this command.
Syntax revert option={factory|nvram} [r an ge]
Options option={factory|nvram}
Sets one of the configuration options either to the factory defaults or to
the latest version of the configuration stored in NVRAM. A
revert option=nvram command is only useful if a set conf save=off
command was previously issued to the device. See the command
examples for more information. The following table lists the allowable
values for option, and their effect on the configuration.
option Reverts this part of the configuration:
all Entire configuration, except network connectivity parameters.
altip set altip configuration.
arp set arp configuration.
auth set auth configuration.
buffers set buffer command.
chat set chat configuration.
config set config configuration.
consmenu set consmenu configuration.
device set device configuration.
dhcp set dhcp configuration.
embmodem set embmodem configuration.
ethernet set ethernet configuration.
filter set filter configuration.
flow set flow configuration.
forwarding set forwarding configuration.
host set host configuration.
ia set ia master, set ia serial, and set ia table configuration.
ippool set ippool command.
keys set keys configuration.
revert
84 Chapter 2 Command Descriptions
line set line configuration.
login set login configuration.
logport set logport configuration.
menu set menu configuration.
mei set mei configuration
modem set modem configuration.
netlogin set netlogins configuration.
netport set netport configuration.
network altip, arp, host, route, snmp, tcpip, and telnetip configuration.
Not related to network connectivity.
pmodem set pmodem configuration.
port set ports configuration.
powerunit set powerunit. Applies to PortServer TS 8/16 Family devices only.
profiles set profiles configuration.
radius RADIUS configuration. Applies to PortServer TS 8/16 Family
devices only.
rloginoption set rloginoption configuration.
route set route configuration.
rpauth set rpauth configuration
script set script configuration.
secureaccess set secureaccess configuration.
security set auth, set logins, set radius, and set secureaccess
configuration
serial set flow, set line, and set ports configuration; set powerunit
configuration (PortServer TS 8/16 Family devices only).
service set service configuration.
sharing set sharing command.
snmp SNMP configuration.
snmpauth set snmpauth configuration: access permissions for SNMP sets
and gets in the snmpauth table.
sntp set sntp configuration.
switches set switches configuration.
system set config, set ethernet, set keys, set menu, set service,
set terms, set trace, and set user configuration.
tcpip set tcpip configuration.
option Reverts this part of the configuration:
revert
Chapter 2 Command Descriptions 85
range
A range of ports to which the command applies. This option is valid when
used with the following values for option:
• buffers
• flow
• keys
• line
• login
• port
• profiles
• serial
• sharing
• socketid
Examples Reset the Port Configuration to Defaults
#> revert port=factory range=1
Reset Network-Related Settings
The configuration is reset to the latest user configuration saved in NVRAM.
1. First, turn off saving configuration changes to NVRAM:
#> set config save=off
2. Change the baud rate of port 8 to 115200:
#> set line baud=115200 ra=8
3. Run a test of serial port 8 at 115200 baud.
4. Once testing is complete, return port 8 to normal:
#> revert line=nvram
5. Turn on saving configuration changes:
telnetip set telnetip configuration.
terms set terms configuration.
timezone set timezone configuration.
trace Trace settings configured by set trace.
udpdest set udpdest command.
udpserial set udpserial command.
users set user configuration.
wan The configuration settings set by set chat, set device, set ippool,
set modem, set script, set filter.
webui set web command.
option Reverts this part of the configuration:
revert
86 Chapter 2 Command Descriptions
#> set config save=on
See Also "boot" on page 55. Issuing a boot action=factory command resets the
configuration to factory defaults.
The set commands for which settings are being reverted.
rlogin
Chapter 2 Command Descriptions 87
rlogin
Purpose Performs a login to a remote system, also referred to as an rlogin.
Required
Permissions
Anyone can use this command.
Syntax rlogin [esc=char]
{hostname|host ip addr}
[{user=user n am e|-l user name}]
Options esc=char
A different escape character than the ~ (tilde) character, which will be
used for the current rlogin session. Used for suspending a session from
the remote host to return to the device server command line.
hostname|host ip addr
The name of a host or IP address to log into.
user=user name|-l user name
The user name to use on the remote system. If you do not specify a
name, your device server user name will be used. The -l user name
option is for compatibility with the UNIX rlogin command.
Examples Remote Login Using a Host Name
#> rlogin host1
Remote Login Using an IP Address
#> rlogin 192.192.150.28
Remote Login Using a Host Name and User Name
The rlogin command establishes an Rlogin session using a host name.
The command also supplies the name that identifies the user on the host.
#> rlogin host1 user=fred
See Also "set rloginoption" on page 191.
"close" on page 58.
"connect" on page 60.
"exit" on page 66.
"kill" on page 70.
"mode" on page 71.
"reconnect" on page 80.
"send" on page 89.
"status" on page 255
"telnet" on page 256.
"set user" on page 238 for information on configuring a user-specific
Rlogin escape character.
rlogin
88 Chapter 2 Command Descriptions
"who" on page 262.
"Commands for Managing Connections and Sessions" on page 53.
send
Chapter 2 Command Descriptions 89
send
Purpose Sends a control command to a the current escaped Telnet session.
Required
Permissions
Anyone can use this command.
Syntax send {ao|ayt|brk|ec|el|escape|ga|ip|nop|synch}
Options ao
Sends the abort output signal to discard output buffered on the peer.
ayt
Sends the are you there signal to test whether a host is still active.
brk
Sends the break signal to interrupt the executing application.
ec
Sends the erase character signal to delete the previous character.
el
Sends the erase line signal to delete the entire current line.
escape
Sends the escape character.
ga
Sends the go ahead signal.
ip
Sends the interrupt process signal to terminate the program running on
the peer.
nop
Sends the no option signal to the peer.
synch
Sends the synchronize process signal to the peer.
Examples Send an interrupt process signal
#> send ip
Send an are you there signal
#> send ayt
See Also "set rloginoption" on page 191.
"close" on page 58.
"connect" on page 60.
"exit" on page 66.
"kill" on page 70.
"mode" on page 71.
"reconnect" on page 80.
send
90 Chapter 2 Command Descriptions
"status" on page 255
"telnet" on page 256.
"who" on page 262.
"Commands for Managing Connections and Sessions" on page 53.
set altip
Chapter 2 Command Descriptions 91
set altip
Purpose Configures a serial port or group of serial ports with an alternate IP
address, or displays current entries in the alternate IP address (altip) table.
Alternate IP addresses enable routing of traffic from the LAN to serial ports
or group of ports using IP addresses. By associating ports with IP
addresses, Telnet users on the LAN can use IP addresses, rather than port
numbers, to specify a port or range of ports in their Telnet calls.
Up to 64 alternate IP address entries are permitted.
Required
Permissions
The root user can configure altip settings. Normal users can display altip
settings.
Syntax Configure Alternate IP Address
set altip group={po rt# |g r oup #}
ip=ip a ddr
mode={raw|telnet|ssh}
Display altip Table Entries
set altip [range=range]
Options group={port#|group#}
A port or group of ports.
ip=ip addr
Assigns an IP address to the ports or group of ports (hunt group)
specified on the group option.
mode={raw|telnet|ssh}
The type of connection.
raw
Raw socket connection.
telnet
Telnet connection.
ssh
SSH (encrypted) connection.
range=range
A range of index entries in the altip table.
Examples Display Entire altip Table
#> set altip
Display Several Entries in altip Table
#> set altip range=1-4
Configure an Entry in Altip Table
#> set altip ip=198.150.150.10 group=65
See Also "remove" on page 81 to remove values from the altip table.
set altip
92 Chapter 2 Command Descriptions
"revert" on page 83. The revert altip option reverts the set altip
configuration.
"set config" on page 100. The sockets option configures the base TCP
socket service.
set arp
Chapter 2 Command Descriptions 93
set arp
Purpose Manually configures an entry in the Address Resolution Protocol (ARP)
table, or displays the contents of the ARP table.
The ARP table contains the Ethernet-to-IP address mappings of other
devices on the LAN, which is required to communicate with these devices.
The ARP protocol updates this table automatically, so manual modification
is seldom required.
Required
Permissions
The root user can configure ARP table entries. Normal users can display
ARP table entries.
Syntax Configure ARP Table Entries
set arp ether=etaddr ip=i p ad dr [tim2liv=t i me]
Display ARP Table Entries
set arp [range=range]
Options ether=etaddr
The Ethernet address of a device.
ip=ipaddr
The IP address of a device.
range=range
A range of table entries, which are identified by the index option in the
ARP table.
tim2liv=time
The time, in seconds, to keep an entry in the ARP table. The range is 0
to 1200 seconds. The default is 0, which means the entry will never time
out.
Examples Display a Range of Entries in ARP Table
#> set arp range=1-4
Display All Entries in ARP Table
#> set arp
Configure an Entry in ARP Table
#> set arp ip=198.150.150.10 ether=08:00:20:05:0b:da tim2liv=900
See Also "remove" on page 81 to remove values from the arp table.
"revert" on page 83. The revert arp option reverts the set arp
configuration.
set auth
94 Chapter 2 Command Descriptions
set auth
Purpose Configures or displays access permissions to serial ports for LAN users.
The set auth command is a very powerful tool for limiting LAN users’
access to ports. To produce the intended configuration results, follow these
principles:
The default access permission for a port is unrestricted access. This
means that all IP addresses have unrestricted access to a port unless
you use the set auth command to place restrictions on port use.
You can configure a new default by removing the default entry in the
auth table (the entry that specifies an IP address of 0.0.0.0 and mask of
0.0.0.0). Then, the default becomes no access for any IP address. You
can then use the command to permit access for particular IP
addresses.
In addition to unrestricted access, there are three types of restricted
access:
Login access. The user of an IP address must log in before
access to the port is granted.
RealPort access. Only the RealPort application can use the port.
No access. The user of the IP address cannot access the port.
The most reliable way to use the command for configuration is to
explicitly specify the type of access for each port on each command. In
the examples that follow, which use an 8-port device, the “right”
command accounts for all ports, and the “wrong” one does not:
When the only option specified on the set auth command is an IP
address, that IP address loses all access rights to all outbound ports.
When you use the set auth command to change access permissions
for a particular IP address (or range of addresses), all other IP
addresses are unaffected by the command.
The mask option extends the scope of the set auth command to a
range of IP addresses. In each mask position that a binary 1 appears,
the incoming address must match perfectly with the address specified
on the ip option.
The auth table is limited to 20 entries.
Required
Permissions
The root user can configure access permissions. Normal users can display
access permissions.
Right: set auth ip=192.10.10.10 realport=1-3 login=4-5
unrestricted=6-8
Wrong: set auth ip=192.10.10.10 realport=1-3 login=4-5
set auth
Chapter 2 Command Descriptions 95
Syntax Configure Access Permissions
set auth ip=ipaddress
[login={range|none}]
[mask=mask]
[realport={range|none}]
[unrestricted={range|none}]
Display Access Permissions
set auth [range=range]
Options ip=ipaddress
The IP address of the device to which this set auth command applies.
login={range|none}
Requires that users of the IP address specified log in. A value of none
indicates that users of the IP address specified have login access to none
of the ports.
mask=mask
Specifies an IP mask used to extend the scope of this set auth command
to a range of IP addresses. The following table provides examples of how
the mask option works:
realport={range|none}
Configures port access for RealPort running on the devices identified by
the ip and mask options. Use this option to grant access to RealPort but
restrict access to other users of the IP address.
unrestricted={range|none}
Configures unrestricted access for the IP address specified to the range
of ports specified.
range=range
Specifies a range of auth table entries, identified by an index number, to
which this command applies.
rmauth=on
Removes the auth table entries specified by the range option.
IP Address Subnet Mask "set auth" mask Result
192.168.0.0 255.255.0.0 255.255.0.0. All users on this class B
network are included in
the restrictions applied to
the outbound ports.
192.10.10.0 255.255.255.0 255.255.255.0 All users on this class C
network are included in
the restrictions applied to
the outbound ports.
192.10.10.0 255.255.255.240 255.255.255.240 All users on this
subnetted class C
network are included in
the restrictions applied to
the outbound ports.
set auth
96 Chapter 2 Command Descriptions
Examples Display Entire auth Table
#> set auth
Display a Range of Entries in auth Table
#> set auth range=1-2
Configure No Access for an IP Address
#> set auth ip=199.150.10.12 mask=255.255.255.255 login=none realport=none
unrestricted=none
Configure Mixed Access
In this example, an 8-port device server is configured for mixed access.
#> set auth ip=199.150.10.12 mask=255.255.255.255 realport=1-4 login=5-6
unrestricted=7-8
Configure Access for Two IP Addresses
This example requires three set auth commands:
The first removes the default entry from the auth table, which changes
the default setting from unrestricted access to all 8 ports for all IP
addresses to no access to any ports for any IP addresses.
The second and third commands restore unrestricted access to all ports
for the IP addresses specified.
#> set auth ip=0.0.0.0
#> set auth ip=199.22.33.4 realport=none login=none unrestricted=1-8
#> set auth ip=199.22.33.8 realport=none login=none unrestricted=1-8
Use the "Mask" Option to Extend the Command
In this example of a TCP/IP Class C network, the set auth commands
configure RealPort running on any host on network 199.150.150.0 with
access to ports 1 and 2. The other ports are not available to users of the IP
address specified.
#> set auth ip=199.150.150.10 mask=255.255.255.0 realport=1-2 logon=none
unrestricted=none
See Also "remove" on page 81 to remove values from the auth table.
"revert" on page 83. The revert auth command reverts the set auth
configuration.
"set ports" on page 176 for information on defining ports.
"set user" on page 238 for information on configuring a user for
outbound port access.
set buffer
Chapter 2 Command Descriptions 97
set buffer
Purpose Configures buffering parameters on a port, or displays the port-buffer
configuration on all ports.
Required
Permissions
The root user can configure port buffering. Normal users can display
current settings.
Syntax Configure Port Buffering
set buffer [clear]
[range=range}]
[size=kbytes ]
[state={on|off|pause}]
Display the Port Buffering Configuration
set buffer [range=range]
Options clear
Clears the contents of the specified buffer.
range=range
The port or ports to which the command applies.
size=kbytes
The size in kilobytes to configure the buffer. Settings are configurable in
2-kilobyte increments. The maximum size is1024 kilobytes (1 Megabyte).
The default is 32 kilobytes.
state={on|off|pause}
The buffering state, which can be any of the following:
on
The data will be buffered.
off
The data will not be buffered and all data will be cleared from the
buffer.
pause
The data will not be buffered, but data in the buffer will not be cleared.
Examples Display Port Buffer Configuration for All Ports
#> set buffer
Configure Buffers
This example sets the buffer state for port 1 to on mode and the buffer size
to 64 kilobytes.
#> set buffer range=1 state=on size=64
See Also "display buffers" on page 65.
"revert" on page 83. The revert buffers command reverts the
set buffer configuration.
"set logport" on page 161.
set chat
98 Chapter 2 Command Descriptions
set chat
Purpose Used to configure, display, remove, or rename entries in the chat table.
Chat table entries provide telephone number string translation and can be
accessed by any configured script. The chat table holds a maximum of 12
entries.
The set chat command is not related to the chat protocol supported under
the set ia command. See "set ia" on page 129 for details on configuring the
chat protocol.
Required
Permissions
The root user can configure, remove, or rename chat table entries. Normal
users can display chat table entries.
Syntax Configure chat Table Entries
set chat [delay=string]
[name=chat name]
[newname=new na me ]
[range=range]
[retry=number ]
[star=string ]
[pound=string ]
[wait=string ]
Display chat Table Entries
set chat [range=range]
Remove chat Table Entries
set chat {rmchat=on range=r an ge|rmchat=ch a tna me }
Rename a chat Table Entry
set chat name=name newname=new name
Options delay=string
A string of up to 24 characters to substitute into telephone numbers in
place of the delay character.
name=chat name
Configures a name for the chat table entry.
newname=new name
Used to change the chat name.
range=range
One of the following:
A range of ports to which the chat table entry will apply. (For Digi
One products, the only value is 1.)
A range of chat table index numbers, which identify chat table
entries.
retry=number
The number of times to retry a call. The range is 0 to 99 times.
set chat
Chapter 2 Command Descriptions 99
star=string
A string of characters that will replace the * character in the chat script.
pound=string
A string of characters that will replace the # character in the chat script.
wait=string
A string of up to 24 characters to substitute into telephone numbers in
place of the wait character.
rmchat=on range=range|rmchat=chatname
Removes the chat table entry specified on the range or name option.
Examples Display Entire chat Table
#> set chat
Configure a chat Table Entry
#> set chat name=chat1 star=4452624
Remove an Entry from chat Table
#> set chat rmchat=chat1
Rename a chat Table Entry
#> set chat name=chat1 newname=chat2
See Also "remove" on page 81 to remove values from the chat table.
"revert" on page 83. The revert chat command reverts the set chat
configuration.
"set script" on page 195 for information on creating scripts that use
telephone string translation.
set config
100 Chapter 2 Command Descriptions
set config
Purpose Configures or displays network settings. These settings are stored in the
network parameters configuration table.
The optimize={latency|throughput} option can be used to optimize your
network for better Ethernet/IP performance.
Required
Permissions
The root user can configure network parameters. Normal users can display
network parameters.
Syntax Configure Network Parameters
set config [bootfile=file]
[boothost=host ipaddr]
[cache_dns={on|off}]
[circuitbreaker=reset]
[dhcp={on|off}]
[dns1=ip add r]
[dns2=ip add r]
[dns3=ip add r]
[domain=domain ]
[gateway=ip add r]
[hostname=name]
[ip=ip addr]
[nameserv=ip addr]
[optimize={latency|throughput}]
[ping-arp={on|off}]
[rarp={on|off}
[realport=tcp port]
[redirect={listen|ignore}]
[rpkeepalives={on|off}]
[save={on|off}]
[securerealport=tcp port]
[sockets=socket num ]
[submask=mask]
[tbreak={std|any|none}]
[tftpboot={yes|no|smart}]
Display Network Parameters
set config
set config
Chapter 2 Command Descriptions 101
Options bootfile=file
The name of a boot file on a TFTP host. Specify the full path to the file if
this is required to satisfy the host’s TFTP implementation. This option
does not apply to PortServer TS 8/16.
boothost=host ipaddr
The IP address of a host from which the device server can boot using
TFTP. This option does not apply to PortServer TS 8/16 devices.
cache_dns={on|off}
Controls whether the device server checks its DNS cache during a DNS
lookup.
on
The default/normal behavior. When the device server needs to do a
DNS lookup (translate a hostname into an IP address), it first checks
its DNS cache to determine whether the hostname-to-IP address
mapping exists. If the mapping does not exist, the device server issues
a DNS query to the DNS server to get this mapping. The device server
caches this mapping for the time-to-live value specified in the DNS
response.
off
Prevents the device server from using the cache. The device server
will always issue a DNS query whenever it must do a DNS lookup.
circuitbreaker=reset
Resets the circuit breaker.
dhcp={on|off}
Enables or disables DHCP (Dynamic Host Configuration Protocol).
Turning DHCP on causes the device server to obtain an IP address from
a DHCP server. The default is on.
dns1=ip addr
dns2=ip addr
dns3=ip addr
The IP address of the primary, secondary, and tertiary domain name
servers.
If dhcp=on, these DNS settings can be changed, but they will not persist
after the next reboot if the DHCP server provides these settings.
The secondary domain name server cannot be specified unless a
primary domain name server is specified, and the tertiary domain name
server cannot be specified unless a secondary domain name server is
specified. The primary domain name server cannot be removed (set to
0.0.0.0) if a secondary domain name server is specified, and the
secondary domain name server cannot be removed if a tertiary domain
name server is specified.
domain=domain
The name of device server’s domain.
gateway=ip addr
The IP address of the default gateway.
set config
102 Chapter 2 Command Descriptions
hostname=name
The device server’s DNS name. This option does not apply to Digi One
IA and SP devices.
ip=ip addr
The device server’s IP address.
nameserv=ip addr
The IP address of a name server in the device server’s domain. This
option does not apply to PortServer TS 8/16, Digi One IA, and
Digi One SP devices.
optimize={latency|throughput}
Configures how the Digi device handles network latency.
latency
Choose latency if the Digi device will handle delay-sensitive data.
throughput
Choose throughput if overall network throughput is more important
than latency. For Digi One IAP, the default is latency. For all other
models, the default is throughput.
ping-arp={on|off}
Enables or disables the ping-arp protocol to set the IP address.
rarp={on|off}
Enables or disables the RARP protocol to set the IP address.
realport=tcp port
The TCP port number used for RealPort connections. The default is 771.
redirect={listen|ignore}
Specifies how routing redirect messages should be handled.
listen
Accept ICMP routing redirect messages. Use this option only if you
have not configured the device server to forward RIP packets.
ignore
Discard ICMP routing redirect messages
The default is ignore.
set config
Chapter 2 Command Descriptions 103
rpkeepalives={on|off}
Enables or disables sending of RealPort keep-alives. RealPort keep-
alives are messages inside the RealPort protocol, sent approximately
every 10 seconds, to tell whoever is connected that the connection is still
alive. RealPort keep-alives are different from TCP keep-alives, which are
done at the TCP layer, and configurable.
As RealPort keep-alives generate additional traffic--several bytes every
10 seconds--this option allows you to turn them off. In situations such as
cellular/mobile wireless communications, when you are paying by the
byte, such additional traffic is undesirable when a TCP keep-alive can do
the same job, and only when the connection is idle.
If you want to have the RealPort keep-alive set to off; consider using a
TCP keep-alive instead. This is because if the link is not closed properly,
you could end up with your port being “locked up” with a dead TCP
session, which is why RealPort keep-alives were implemented in the first
place.
save={on|off}
Specifies whether configuration changes are saved. On saves
configuration changes to flash memory. Off means that changes will be
discarded when the device server is reset. The default is on.
securerealport=tcp port
The TCP port number used for secure RealPort connections. The default
is 1027.
set config
104 Chapter 2 Command Descriptions
sockets=socket num
Sets the base TCP socket service. TCP socket communication enables
serial devices to communicate with each other over an Ethernet network
as though they were connected by a serial cable. Configuring TCP socket
communications involves configuring the Digi device for inbound
connections (connections initiated by the device on the other side of the
network) and outbound connections: connections initiated by the device
connected to the serial port.
The base TCP socket service is used in reverse Telnet, raw, SSH, and
SSL/TLS connections to identify the connection type (Telnet, raw, SSH,
or SSL/TLS) and a particular port. The base socket range varies by
device. Enter set config ? to see the base socket range for your device.
Once the base socket is set, the port accessed and the connection type
are determined by the command the user issues to access the port. The
formulas for issuing commands are as follows:
The following examples illustrate how these formulas work.
.
submask=mask
The subnet mask for the subnetwork.
Connection Type Formula
Telnet base socket + port number
Raw base socket + 100 + port number
SSH base socket + 500 + port number
SSL/TLS base socket + 600 + port number
Base
Socket Example Connection Established
1000 telnet 192.168.1.1 1002 A Telnet connection to port 2
telnet 192.168.1.1 1102 A raw connection to port 2
ssh root@192.168.1.4 -p 1502 An SSH connection to port 2
openssl s_client -connect
192.168.1.4:2604 1602 A SSL/TLS connection to port
2
1121 telnet 192.168.1.1 1122 A Telnet connection to port 1
telnet 192.168.1.1 1222 A raw connection to port 1
ssh root@192.168.1.4 -p 1622 An SSH connection to port 1
openssl s_client -connect
192.168.1.4:2604 1722 A SSL/TLS connection to port
1
set config
Chapter 2 Command Descriptions 105
tbreak={std|any|none}
Sets the Telnet break keystroke (tbreak).
Once a Telnet connection is initiated, but before the connection is
established, the connection can be broken by entering a designated
keystroke. This keystroke is determined by these settings.
std
Configures tbreak so only the ^] (control right bracket) keystroke will
break a Telnet connection.
any
Configures tbreak so any keystroke will break a Telnet connection.
none
Configures tbreak so no keystroke will break a Telnet connection.
The default is std.
tftpboot={yes|no|smart}
(This option does not apply to PortServer TS 8/16)
Specifies booting conditions for the device server.
yes
Always boot from the TFTP host identified on the boothost option.
smart
If the device server cannot boot from the TFTP host identified on the
boothost option, boot from the device server’s internal flash ROM
instead.
no
Boot the device server from internal flash ROM.
The default is no.
Example Display the Network Parameter Configuration Table
#> set config
See Also "revert" on page 83. The revert config command reverts the
set config configuration.
The Digi One and PortServer TS Family User Guide’s chapter on
latency tuning.
set consmenu
106 Chapter 2 Command Descriptions
set consmenu
Purpose Configures or displays console menu options.
The Digi PortServer TS device supports multiple connections to a port
simultaneously. The set consmenu command may be used with the port
sharing feature (see "Configure Port Sharing" on page 25 and "set sharing"
on page 205). When port sharing is enabled, it can be useful to see who
else is connected to a port before making a connection.
The Console Menu feature allows you to see who is already connected to a
port, disconnect other sessions, display the last entries of the port-buffer or
branch out to the command line of the unit.
When in the console menu, entering a ? character displays a help screen.
Required
Permissions
The root user can configure console menu options. Normal users can
display console menu options.
Syntax Configure Console Menu Options
set consmenu [range=port#-port#]
[state={off|on|always}]
[break={standard|menu}]
Display Console Menu Options
set consmenu
Options range=port#-port#
The port or range of ports to which this command applies.
state={off|on|always}
Specifies whether and how the console menu is displayed.
off
No console menu is displayed.
on
The console menu is displayed upon connecting to the port if there is
at least one other active connection to the port open.
always
The console menu is displayed upon connecting to the port always.
break={standard|menu}
Specifies how breaks are handled.
standard
A break sent to the port will be sent as normal.
menu
Sending a break will invoke the menu (the break will not be sent to the
port). Breaks can be sent from the console menu.
set consmenu
Chapter 2 Command Descriptions 107
Examples Following is a sample of a menu displayed upon connecting to a port using
reverse telnet, reverse SSH:
[Port 1 Console Menu] - <enter> to connect
Port 1 connected sessions:
TTY user connected from
9 root 10.49.1.1
10 10.49.1.12 (current connection)
console 1>
At this stage, you can execute console commands. For example:
<enter> Connect to port
connect Connect to port
exit|quit Disconnect
who List connections to the port
kill (range) Kill connections to the port (admin)
break Sends a break to the port (admin)
buffer (L)(N) Displays the last L lines of the port buffer N at a time (admin)
? Display this help
console 1>
See Also "Configure Port Sharing" on page 25 for more details on port sharing,
including the caveats involved.
"revert" on page 83. The revert consmenu command reverts the
set consmenu configuration.
"set sharing" on page 205 for details on configuring port sharing.
"show" on page 252. The show sharing command displays the current
port-sharing settings.
set device
108 Chapter 2 Command Descriptions
set device
Purpose Configures devices used for outbound connections to use dialer scripts and
chat table entries; configures a different baud rate (line speed) for modems
and other devices used for outgoing connections than the rate defined on
the set line command; or displays the contents of the device table.
Required
Permissions
The root user can configure devices. Normal users can display device table
entries.
Syntax Configure Devices
set device [baud={no|rate}]
[chat={no|index num|chat name}]
[dialer={no|index n um |script name}]
name=name ports=range
[newname=ne wna m e]
[p{1-9}]
[save={on|off}]
[show=on]
Display Device Table Information
set device [{range=range|name=n a me}]
Options baud={no|rate}
Specifies the baud rate for the device.
no
The baud rate specified on the set line command will be used.
rate
The baud rate (line speed) when this device is used. This option
overrides the baud rate for this device defined on the set line
command. The range is 300 to 115,200 bps.
The default is no.
chat={no|index num|chat name}
Specifies whether a chat table entry is associated with this device.
no
A chat table entry is not associated with this device.
index num
A chat table entry (index number) associated with this device.
chat name
The name of a chat table entry.
The default is no.
set device
Chapter 2 Command Descriptions 109
dialer={no|index num|script name}
Specifies whether a dialer script is associated with this device.
no
A dialer script is not associated with this device.
index num
A script table entry (index number) associated with this device.
script name
The name of a script.
The default is no.
name=name
A user-defined name for the device.
ports=range
The port or range of ports available to this device.
newname=newname
A new name for a previously defined device.
p{1-9}
Integers that can be used in the variable options of login or dialer scripts.
save={on|off}
Determines if changes are saved into NVRAM.
show=on
Displays the current contents of the device table--the same operation as
entering show device or set device without options.
{range=range|name=name}
A device table entry or range of entries, identified by their index numbers.
Examples Display Entire Device Table
#> set device
Display a Range of Entries in the Device Table
#> set device range=4-7
Configure a Device
This example configures a device to use a dialer script and override the
baud rate specified on the set line command.
#> set device name=OutDev ports=3-5 dialer=modemscp baud=19200
See Also "remove" on page 81 to remove entries from the device table.
"revert" on page 83. The revert device command reverts the set
device configuration.
"set chat" on page 98.
"set line" on page 155.
"set script" on page 195.
"set user" on page 238.
set dhcp
110 Chapter 2 Command Descriptions
set dhcp
Purpose Used to:
Enable/disable DHCP (Dynamic Host Configuration Protocol). Enabling
DHCP causes the device server to obtain an IP address from the host
server. If DHCP is disabled, a static IP address must be defined for the
device server.
Renew the IP address of the device server. This causes the device
server to discard its current IP address and obtain a new one from the
host server.
Display the lease information for the current IP address.
Required
Permissions
The root user can configure DHCP. Normal users can display DHCP
settings.
Syntax Configure DHCP
set dhcp [client_fdqn={on|off}]
[client_identifier=string]
[client_id_type=type]
[keepalive={accept|ignore}]
[run={on|off}]|[renew]
Display Lease Information for Current IP Address
Enter the set dhcp command with no parameters to display the lease
information for the current IP address.
set dhcp
Options client_fdqn={on|off}
Used to turn on the DHCP option 81 titled Client FQDN (Fully Qualified
Domain Name). This option allows the device to send its host name and
domain name to the DHCP server when requesting network settings. The
intention is that the DHCP server will use this information to determine
the IP address that it will assign to the device. Use the
set config hostname=string option to set the host name that will be
passed to the DHCP server, and optionally use the
set config domain=string option to set the domain name that will be
passed to the server. If the domain part is not set, then only the host
name will be passed to the DHCP server.
client_identifier=string
A text string consisting of 30 or fewer characters, which must be
surrounded by quotation marks if it contains spaces. The default is an
empty string. To enter non-printable characters, use hexadecimal format,
which is \xn, where n is a hexadecimal value from 0 through F. To use
the backslash character as the string, use two consecutive backslashe
characters (\\).
set dhcp
Chapter 2 Command Descriptions 111
client_id_type=type
A number between 0 and 255 that can be used to define the type of
information in the client_identifier string. For example, all routers could be
assigned 11 as the client_id_type.
keepalive={accept|ignore}
Determines which TCP keep-alive attributes are used, those set by the
DHCP server or those specified on the set tcpip command.
accept
The DHCP server settings are used, and the set tcpip settings are not
used.
ignore
The set tcpip settings are used, and the DHCP server settings are
ignored.
The default is accept. If the DHCP client feature is disabled, this setting
has no effect.
run={on|off}|[renew]
Turns DHCP on or off, and optionally renews the IP address of the device
server.
on
Turns DHCP on.
off
Turns DHCP on or off. The default is on.
renew
Renews the IP address of the device server.
You must reboot the device server before this change takes affect.
Examples Enable DHCP
#> set dhcp run=on
Renew the IP Address
#> set dhcp renew
See Also "revert" on page 83. The revert dhcp command reverts the set dhcp
configuration.
"set config" on page 100 for information on configuring the IP address
manually.
"set tcpip" on page 222.
set embmodem
112 Chapter 2 Command Descriptions
set embmodem
Purpose Configures the embedded modem on PortServer TS M MEI devices, or
displays current embedded-modem settings.
Required
Permissions
The root user can configure the embedded modem. Normal users can
display embedded modem settings.
Syntax Configure Embedded Modem
set embmodem [reset]
[init_string=“ATcommand”]
Display Current Modem Settings
set embmodem
Options reset
Resets the modem, then sends the initialization string specified by the
init_string option, or an init_string that was set previously.
init_string=“ATcommand”
An AT command that is sent to the modem after it is reset. The string
must be enclosed in double quotes. The default parameter is “ATSO=1
(autoanswer on).
Examples Configure Device with Embedded Modem for Autoanswer On
#> set embmodem init_string=“ATSO=1”
Reset an Embedded Modem
The following command resets an embedded modem, and sends the
initialization string that was set in the previous command.
#> set embmodem reset
See Also "revert" on page 83. The revert embmodem reverts the
set embmodem command.
"Modem Emulation Commands" on page 263
set ethernet
Chapter 2 Command Descriptions 113
set ethernet
Purpose Configures and adjusts Ethernet communications options, and displays
current Ethernet options.
Required
Permissions
The root user can configure Ethernet options. Normal users can display
Ethernet options.
Syntax Configure and Adjust Ethernet Communications Parameters
set ethernet [duplex={half|full|auto}]
[speed={10|100|auto}]
Display Current Ethernet Parameter Settings
set ethernet
Options duplex={half|full|auto}
Determines the mode the Digi device uses to communicate on the
Ethernet network. Specify one of the following:
half
The device communicates in half-duplex mode.
full
The device communicates in full-duplex mode.
auto
The device senses the mode used on the network and adjusts
automatically.
The default is half. The value you specify for this option must match the
option used by the peer. In other words, if the other side is using auto
(negotiating), this device must use auto. If the other side is set for half-
duplex, this side must use half.
speed={10|100|auto}
Configures the throughput rate the Digi device will use on the Ethernet
network. Specify an appropriate setting for your Ethernet network, which
can be one of the following:
10
The device operates at 10 megabits per second (Mbps) only.
100
The device operates at 100 Mbps only.
auto
The device senses the throughput rate of the network and adjust
automatically.
The default is auto. The value you specify for this option must match
the option used by the peer. In other words, if the other side is using
auto (negotiating), this device must use auto. If the other side is set for
100 Mbps, this side must use 100.
set ethernet
114 Chapter 2 Command Descriptions
Examples Configure 100 Mbps Throughput
#> set ethernet speed=100
Configure Full-Duplex Mode
#> set ethernet duplex=full
See Also "revert" on page 83. The revert ethernet command reverts the
set ethernet configuration.
"set config" on page 100.
set filter
Chapter 2 Command Descriptions 115
set filter
Purpose Manages filters. Filters can be used with PPP and RADIUS.
For PPP, filters can control and record traffic over PPP connections.
When using RADIUS, the RADIUS server can send to the RADIUS
client (that is, a Digi product) a filter ID attribute, meaning a filter name
that is used in authenticating the connection. The set radius command
has an ignorefilterid={on|off} option. If ignorefilterid=on, the Digi
product ignores any filter names that are not defined, but will process
normally all filters that are defined. If ignorefilterid=off, the absence of
a filter that matches the RADIUS-provided filter ID results in
authentication failure.
With the set filter command, you can
Create filters, which in turn creates entries in the filter table. The
maximum number of entries in the filter table varies by device. For
example, the maximum entries for PortServer TS Family devices is 8,
and the maximum entries for PortServer TS 8/16 Family devices is 16.
Display entries in the filter table.
Display the contents of a filter.
Uses for Filters
Use filters to trigger the following actions on PPP connections:
Block or pass packets.
Bring up or reject connections.
Reset the idle timeout timer.
Send information to the log file.
set filter
116 Chapter 2 Command Descriptions
Rules for Creating Filters
When creating filters, follow these rules:
The action a filter takes depends on the contents of the filter and on the
type of filter it is defined as on the set user command. If the filter is
referenced on the:
passpacket option, it will allow packets that meet filter criteria to
pass through a serial port and block all others.
bringup option, it will bring up a connection when the port handles a
packet that meets filter criteria.
keepup option, it will reset the timer defined on the set user
idletimeout option when the port handles a packet that meets filter
criteria.
logpacket option, it will send a message to the log file when the port
handles a packet that meets filter criteria.
Filters are made up of 1 to 32 stanzas, each of which expresses filtering
criteria.
Filter criteria are called tokens. Examples of tokens include IP
addresses, TCP or UDP port numbers, whether a packet is incoming or
outgoing, and several others.
Tokens must be separated by slashes (/).
Stanzas are processed in order. That is, first S1 (stanza 1) is processed
and then S2, and so on.
As soon as a stanza’s criteria is completely satisfied, filtering action
occurs and subsequent stanzas are ignored. For example, if S1
specifies an IP address of 190.159.146.10 and an ICMP message type
7, a packet from that IP address carrying that ICMP message type will
trigger filtering action. Subsequent stanzas will not be processed.
Consequently, you must specify and relationships (all criteria must be
satisfied) in the same stanza and or relationships (any of the criterion
must be satisfied) in different stanzas.
The exclamation mark (!) at the beginning of a stanza changes how the
filter acts. When a packet is encountered that meets stanza criteria, the
filter does not execute the filter function (for example, bringing up a
connection) and it does not process any more stanzas.
When Changes to Filter Definition Settings Take Effect
The set filter command can be used at any time to change and display
filters. However, the results of any changes to filter definition settings take
effect on subsequent PPP connections only. Any PPP connections
established prior to a given filter change will continue to operate using the
previous filter definition settings. For the new filter settings to take effect,
existing PPP sessions must be terminated and reestablished, for example,
by rebooting the PortServer reboot or by issuing the kill tty command.
set filter
Chapter 2 Command Descriptions 117
Required
Permissions
The root user can configure filters. Normal users can display filter settings.
Syntax Create Filters, Add Stanzas, or Rename Filters
set filter name=name
[newname=name]
[s#=token\t o ke n\t o ken...]
Display Filter Table Entries
set filter [range=range]
Display Filter Stanzas
set filter name=name
show={on|off}
Options name=name
A name for the filter.
newname=name
A new name for a previously defined filter.
s#=token/token/token...
#
The number of a stanza, which can be from 1 to 32.
token/token/token...
1-32 tokens, which are the criteria by which filtering is accomplished.
Separate tokens by a forward slash (/). Tokens can consist of any of
the following:
Token Value Filter Criteria
servicename A name in the service table that identifies a particular process,
such as Telnet (see set service on page 203).
hostname The name of a host defined in the host table (see set host on
page 128).
protocol number The number in an IP packet that identifies the protocol to which
IP should pass the packet. Use one of the following: 1 for ICMP,
2 for IGMP, 6 for TCP, and 17 for UDP.
ip addr An IP address.
ip mask An IP mask that modifies the meaning of the ip addr option.
port num A TCP or UDP port number