Use the Secure Lantronix Network option to view and manage secure Lantronix managers and Spiders on the local subnet.
Note: Status and statistics shown on the web interface represent a snapshot in time. To see the most recent data, you must reload the web page by clicking the Refresh link.
To view and manage SLC units on the local network:
Click the Services
tab and select the Secure Lantronix
Network option. The Secure Lantronix Network page displays
with an entry for each device discovered on the network. For SLCs,
the back panel is displayed with each device port. If Web SSH is enabled,
device ports that have SSH In enabled are shown in a bright green.
Select the port to open a Web SSH session to the device port. If Web
SSH and SSH to the CLI are enabled, or Web Telnet and Telnet to the
CLI are enabled, links are displayed to open a Web SSH or Web Telnet
session to the CLI.
Settings that control the behavior of Web SSH and Web Telnet are on the SSH/Telnet/Logging web page. For tips on troubleshooting browser issues, see Troubleshooting Browser Issues. For tips on Web SSH or Web Telnet copy and paste functionality, see Web SSH/Telnet Copy and Paste.
To configure how SLC units are searched for on the network:
On the SLC Network page, click the Search Options button.
Enter the following:
Secure Lantronix Network Search |
Select the type of search you want to conduct. Local Subnet performs a broadcast to detect SLC units on the local subnet. Manually Entered IP Address List provides a list of IP addresses that may not respond to a broadcast because of how the network is configured. The default is Both. |
IP Address |
If you selected Manually Entered IP Address List or Both, enter the IP address of the SLC unit you want to find and manage. |
If you entered an IP address, click the Add IP Address button. The IP address displays in the IP Address List.
Repeat steps 2 and 3 for each IP address you want to add.
To delete an IP address from the IP Address List, select the address and click the Delete IP Address button.
Click Apply. When "The Secure Lantronix Network configuration is complete" message displays, select Secure Lantronix Network from the main menu. The Secure Lantronix Network page displays.
Troubleshooting Browser Issues
Depending on which browser you are using and what type of SSL certificate the SLC web server is configured with, there may be errors connecting to a Web SSH or Web Telnet session. These errors may be the standard browser error displayed for self-signed or untrusted certificates ("There is a problem with this website's security certificate." or "Your connection is not private.").
The SSL server that handles Web SSH and Web Telnet sessions is accessible on port 8000, instead of the standard port 443 for SSL connections. It is recommended that the SLC be configured to use a SSL certificate from a Certificate Authority to prevent issues accessing Web SSH and Web Telnet terminals. If your SLC web server is configured to use a self-signed or untrusted SSL certificate, refer to the notes below for how to work around this for various browsers.
When an SLC or SLB is configured with a SSL certificate that is either a wildcard certificate or associated with a specific name, in order to establish a Web SSH or Web Telnet session to the SLC or SLB unit, the unit must be able to successfully perform a reverse lookup on any IP address to which Web SSH or Web Telnet requests are sent. For example, if a unit is configured with a SSL certficate for the name "slcXYZ.lantronix.com", and the unit website is being accessed in a browser with "https://slcXYZ.lantronix.com", the unit needs to be configured with a name server that will allow the unit to perform a reverse lookup on the IP address associated with slcXYZ.lantronix.com. Failure to perform a reverse lookup on a name may result in name mismatch errors in the browser when it attempts to open the Web SSH or Web Telnet window.
If you are unable to connect to a Web SSH or Web Telnet session for a reason other than a browser SSL certificate issue, restarting the SSL server on port 8000 may resolve the connection problem. This can be done by restarting the web server (with the CLI command "admin web restart") or by disabling both Web SSH and Web Telnet on the SSH/Telnet/Logging web page, and then re-enabling them.
Chrome - For the greatest ease of use with Web SSH and Web Telnet, when the SLC web server is using a self-signed SSL certificate, use the Chrome browser. When the user accepts the self-signed SSL certificate in the browser for the primary SLC website, the self-signed SSL certificate is accepted for all ports - including port 8000 - for the SLC website.
Firefox - When accessing the SLC website with Firefox, and when the SLC web server is using a self-signed SSL certificate, accepting the self-signed SSL certificate in the browser for the primary SLC website will only accept the certificate for port 443. It will not accept the certificate for port 8000. This may result in a popup being displayed in the Web SSH or Web Telnet window indicating that the browser needs to accept a certificate. To accept the self-signed certificate for port 8000, go to Firefox -> Options (or Preferences) -> Advanced -> Certificates -> View Certificates -> Servers, and add an exception for the SLC IP address or hostname, with port 8000.
Internet Explorer - When accessing the SLC website with Internet Explorer, and when the SLC web server is using a self-signed SSL certificate, Explorer will grant access to the Web SSH and Web Telnet terminals if (a) the host name or common name in the self-signed certificate matches the name (or IP address) being used to access the SLC website, and (b) Explorer has imported and trusted the self-signed certficate. A custom self-signed certificate with the SLC name can be generated via the SLC Web Server -> SSL Certificate web page or the admin web certificate custom CLI command.
Once the SLC web server has been configured to use the custom self-signed certificate, follow these steps for Internet Explorer to trust the custom certificate:
In Internet Explorer, browse to the SLC website whose certificate you want to trust.
When the message "There is a problem with this website's security certificate.", choose "Continue to this website (not recommended)."
In Internet Explorer, select Tools -> Internet Options.
Select Security -> Trusted Sites -> Sites.
Verify or fill in the SLC website URL in the "Add this website" field, click "Add", and then "Close".
Close the "Internet Options" dialog with either "OK" or "Cancel".
Refresh the Internet Explorer web page with the SLC website.
When the message "There is a problem with this website's security certificate.", choose "Continue to this website (not recommended)."
Click on the red "Certificate Error" at the right of the URL address bar and select "View certificates".
In the dialog that displays, click on "Install Certificate", then in the Certificate Import Wizard, click "Next".
On the next page select "Place all certificates in the following store".
Click "Browse", select "Trusted Root Certification Authorities", and click "OK".
Back in the Certificate Import Wizard, click "Next", then "Finish".
If you get a "Security Warning" message box, click "Yes".
Dismiss the "Import was successful" message box with "OK".
In Internet Explorer, select Tools -> Internet Options.
Select Security -> Trusted Sites -> Sites.
Select the SLC website URL you just added, click "Remove", then "Close".
Now shut down all running instances of Internet Explorer, and start up Internet Explorer again.
The SLC website's certificate should now be trusted.
There are security issues with letting a web page access the system clipboard, which is the main clipboard on a system that is shared between all applications. Because of this, browsers limit access to the system clipboard. The Web SSH and Web Telnet window provide copy and paste functionality via a right-click menu: the Copy option will copy what is highlighted in the Web SSH or Web Telnet window into an internal (non-system) clipboard, and the contents can be pasted into the Web SSH or Web Telnet window with the Paste.
Support for copying and pasting content between the system clipboard and the Web SSH or Web Telnet window will vary from browser to browser. With the exception of Internet Explorer, most browsers will not allow highlighted content from the Web SSH or Web Telnet window to be copied to the system clipboard (Internet Explorer will display a prompt confirming the copy). Likewise, most browsers will not allow content from the system clipboard to be directly pasted into the Web SSH or Web Telnet window with the standard Control-V paste key sequence. With some browsers, the user will be able to use the Paste from browser option in the right-click menu to paste content from the system clipboard into a text field in a popup, and after hitting Enter, the content will be sent to the Web SSH or Web Telnet window.
See also