Data Server for PC5200 as Remote Terminal V1.00 9/22/05

Similar documents
Setting Up Windows 2K VPN Connection Through The Symantec Raptor Firewall Firewall

The StrideLinx Remote Access Solution comprises the StrideLinx router, web-based platform, and VPN client.

GIFTePay XML SVS/GCS. Installation & Configuration Guide. Version Part Number: (ML) (SL) GIFTePay XML for SVS/GCS 4.

GIFTePay XML. Chockstone. Installation & Configuration Guide. Version Part Number: (ML) (SL)

3) Click the Screen Sharing option and click connect to establish the session

CCNA 1 Chapter 2 v5.0 Exam Answers %

Immotec Systems, Inc. SQL Server 2008 Installation Document

1.4 VPN Processing Principle and Communication Method

GIFTePay XML. SecurePay. Installation & Configuration Guide. Version Part Number: (ML) (SL)

Lantech LSC-1102B SERIAL TO TCPIP CONVERTER. User Manual

Cryptography Application : SSH. Cyber Security & Network Security March, 2017 Dhaka, Bangladesh

SOHO 6 Wireless Installation Procedure Windows XP with Internet Explorer 5.x & 6.0

Operation Manual SSH H3C S3610&S5510 Series Ethernet Switches. Table of Contents

Lab Configuring an ISR with SDM Express

CCNA 1 Chapter 2 v5.0 Exam Answers 2013

F5 WANJet 200. Quick Start Guide. Quick Start Overview

WinDSX New Installations

Lab Using the CLI to Gather Network Device Information Topology

Immotec Systems, Inc. SQL Server 2008 Installation Document

ZyWALL 70. Internet Security Appliance. Quick Start Guide Version 3.62 December 2003

Installation and Configuration Guide

Configuring Secure Shell (SSH)

DirectLine for Business VPN USER GUIDE

I m InTouch Installation Guide for the DSL/Cable environment with a Linksys router Models: BEFSRU31, BEFSR41 V.2, BEFSR11

A+ Guide to Software: Managing, Maintaining, and Troubleshooting, 5e. Chapter 8 Networking Essentials

Prestige 660H Series. Prestige 660HW Series

Wireless Printing Updated 10/30/2008 POLICY. The use of Wireless Networking is not permitted at any site for full client/server networking of Taxwise.

NETePay XML. Installation & Configuration Guide. For Moneris (Public) Version 3.00

Client Loading Instructions For ProHelp EPM, Release 7.7

Integrated Software Series Installation Instructions

Configuring the network clients

Full file at Chapter 2: Securing and Troubleshooting Windows Vista

OPC UA Configuration Manager PTC Inc. All Rights Reserved.

Installation Procedure Windows NT with Netscape 4.x

Channel 4. User Manual. Version 2.0

Server Remote Control External KVM over IP

Introduction... 3 Features... 3 Minimum Requirements... 3 Package Content... 3 Note... 3 Get to know the Broadband Router... 4 Back Panel...

Covene Cohesion Server Installation Guide A Modular Platform for Pexip Infinity Management October 25, 2016 Version 3.3 Revision 1.

istorage Server and IP SEC

WinSCP. Author A.Kishore/Sachin

CommLink IV Technical Guide

LevelOne. User Manual. WAP Mbps PoE Wireless AP V3.0.0

Broadband Router. User s Manual

Lesson 3: Identifying Key Characteristics of Workgroups and Domains

Link Gateway Initial Configuration Manual

2. The next screen will tell you to press the lighted Cisco logo on the Router. After you have pressed the logo, click the Next button to continue.

Lab - Remote Desktop in Windows 8

MiPDF.COM. 3. Which procedure is used to access a Cisco 2960 switch when performing an initial configuration in a secure environment?

Application Note. Providing Secure Remote Access to Industrial Control Systems Using McAfee Firewall Enterprise (Sidewinder )

Remote Administration

Cryptography Application : SSH. 7 Sept 2017, Taichung, Taiwan

GIFTePay XML. Valuelink. Installation & Configuration Guide. Version Part Number: (ML) (SL)

Wireless Terminal Emulation Advanced Terminal Session Management (ATSM) Device Management Stay-Linked

VII. Corente Services SSL Client

OPC UA Configuration Manager Help 2010 Kepware Technologies

Connecting the DI-804V Broadband Router to your network

Introduction... 3 Features... 3 Minimum Requirements... 3 Package Content... 3 Note... 3 Get to know the Broadband Router... 4 Back Panel...

First-Time Login Procedure on XWin32

User s Guide. Ethernet Module for Barcode Printer

HTG XROADS NETWORKS. Network Appliance How To Guide: PPTP Client. How To Guide

Application Note Configuring the Netopia R2020 for use with ClipMail Pro and ClipExpress

Configuring the VPN Client

How to open ports in the DSL router firmware version 2.xx and above

USING THE XPERT2 / 9210B ON A TCP/IP NETWORK

Configuring a Palo Alto Firewall in AWS

ConnectUPS-X / -BD /-E How to use and install SSL, SSH

CALLN HOSTED CALL RECORDING CISCO ESW2 SERIES PORT MIRRORING SETUP

SQL 2012 Installation

Configuring Cisco VPN Concentrator to Support Avaya 96xx Phones Issue 1.0. Issue th October 2009 ABSTRACT

Lab - Examining Telnet and SSH in Wireshark

AOS-W 6.4. Quick Start Guide. Install the Switch. Initial Setup Using the WebUI Setup Wizard

RX3041. User's Manual

PMS 138 C Moto Black spine width spine width 100% 100%

Using the Cisco NCS Command-Line Interface

TCP/IP Converter. EX-9132 Operation Manual for 8051 Series

CHAPTER 7 ADVANCED ADMINISTRATION PC

CCASS (& CCMS) Terminal Installation Procedures. Version: 5.0

SCS100/200/400 Quick Start Guide

Restrictions for Secure Copy Performance Improvement

2/22/2016 UTM: How to Open FTPS traffic to a Passive mode FTP Server behind the SonicWALL (SW10094)

Print Audit 6. Print Audit 6 Documentation Apr :07. Version: Date:

SonicOS Release Notes

Installation Procedure Windows 2000 with Internet Explorer 5.x & 6.0

Configuration Guide SuperStack 3 Firewall L2TP/IPSec VPN Client

Wireless Access Point

Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure

PACS. User Guide. Installing PACS on a Peer to Peer Network. pacs1.6

GEM80 & ewon Setup Quick Guide

factory field upgrade

ACE PLUS CORP. APCON100 series Operation Manual RS-232 to Ethernet Converter

IP806GA/GB Wireless ADSL Router

10ZiG Technology. Thin Desktop Quick Start Guide

Building a virtual network Maher Saad, Chestnut Residence, University of Toronto

Jaringan Komputer (CCNA-1)

CWA-854HT 54 Mbps Wireless-G High Transmission Access Point User s Guide

Fencing Time Version 4.3

Power Development Platform Connecting to your PDP system user guide

Canlan INSTALLATION MANUAL

APPLICATION NOTE # 036

xtrace Monitor Installation Guide

Transcription:

Data Server for PC5200 as Remote Terminal V1.00 9/22/05 Mirador Software, Inc. 1040 West End Blvd. Winston-Salem, NC 27101 Telephone: 770-850-9100 / FAX: 770-881-7958 Website: http://www.pc8800.com Copyright 2005-2014 -1- by Mirador Software

Table of Contents Introduction...3 Architecture...3 Simplest LAN Configuration...3 Internet Configuration...4 Functions of the Data Collector...5 Functions of the Server...5 System Requirements...6 Installation...7 Installing the Data Collector Service...7 Installing the Terminal Server Service...8 Registry Usage...9 Connecting with PC5200...9 Appendix - Serial Communications Cable...11 Copyright 2005-2014 -2- by Mirador Software

Introduction The Mirador PC5200 Remote Terminal Server is a suite of Win32 programs that allows users of Mirador's PC5200 Intecolor terminal emulator to connect to a control system host by way of a LAN or the internet. The remote terminal server is designed for security and reliability. The components of the system run as Win32 services that automatically re-start following any reboots of the hosting hardware; access to these services is controlled by a simple group membership test. Additional security measures can be implemented using SSH, if required. Architecture The program suite consists of two Win32 executables. pc52clct.exe - the data collector program pc52srvr.exe - the communications server program The component programs perform specific functions that are described in detail in the following sections of this document. The programs communicate with each other by means of a named pipe. This communications mechanism allows the user to install the system in a number of different ways, depending on the physical relationships of the control system host, server host and PC5200 clients and requirements for administrative control and security. Two examples are given below. Simplest LAN Configuration Control System Host (RS-232 serial connection) running PC5200 data collector service running PC5200 Terminal Server running PC5200 Emulator (named pipe connection) (TCP/IP connection) Local Area Network In a minimal configuration, the data collector and server programs are installed on the same workstation. This workstation is connected to the control system host by an RS-232 cable and to a local area network. PC5200, running on another workstation that is also on Copyright 2005-2014 -3- by Mirador Software

the local network, connects directly to the remote terminal service, providing a user name and password. Once authenticated, the PC5200 user is connected to the control system host by way of the remote terminal server and the data collector. This type of configuration is appropriate when all hosts are trusted and there are no stringent administrative requirements for access to a host that provides TCP/IP and named pipe based services. Internet Configuration Control System Host (RS-232 serial connection) running PC5200 data collector service running PC5200 Terminal Server SSH Server (Handles SSH connections forwards traffic to port 3333 on terminal server) (named pipe connection) (TCP/IP connection) Local Area Network running PC5200 Emulator (SSH over TCP/IP connection) Internet Firewall /Router (forwards outside connections to port 22 to SSH seriver) In a network environment in which pipe servers (as well as TCP / IP network servers) are under system administrator control and subject to security requirements and / or the control system host is situated far from any server host, the data collector and terminal server services can run on different machines. The data collector creates no pipes and opens no network ports, so it can run under a normal user's authority. The terminal server does create pipes and opens network ports, so it can run under administrator authority with appropriate access controls. When clients are expected to connect to the terminal server from outside a trusted network, the terminal server host can be situated behind a firewall/ssh server and the firewall host can control remote client access to the terminal server using SSH authentication methods and other firewalling rules. It is only necessary for the clients to request port forwarding to the terminal server when making connections to the SSH server. The PC5200 client fully supports this. Copyright 2005-2014 -4- by Mirador Software

Creating an SSH tunnel for traffic moving over the internet or other WAN between the PC5200 terminal emulator and the control system host provides complete security for the conduct of mission critical control, since SSH uses a very secure authentication method (RSA public/private key pairs) and provides strong encryption of all traffic. Functions of the Data Collector The data collector, pc52clct.exe, runs on a Windows PC that is connected by an RS-232 serial cable to the control system host. The data collector is a Win32 service. It has no graphical user interface (no window) of its own. It is intended to run all the time as a background task. While it typically runs under the authority of an ordinary user, it is installed and set up to start and run automatically, so that the user does not have to log on and manually launch it. Once installed and started, its operation is automatic. When it starts, the data collector service first initializes the serial port which will handle communications with the control system host. It then establishes a network connection to the terminal server service program by opening the server's named pipe. The collector then commences reading data received from the control system host at the serial port and forwarding that data to the server over the pipe. Likewise, it begins reading data from the server's pipe (originating at a remote terminal emulator) and forwarding that data to the control system host via the serial connection. Serial communications parameters can be set by the user of the collector program. Functions of the Server The server, pc52srvr.exe, is also a Win32 service application with no graphical user interface (window) of its own, intended to run constantly in the background. It function is to create and control the communications channels that are used by the data collector and the PC5200 emulator clients. When it starts up, the server first creates a named pipe to support communications between it and the data collector service. The data collector will open this pipe. The pipe will then be available to pass serial data collected from the external control system host to the server, and to pass data received by the server back to the control system host by way of the collector. Next, the server starts listening for client connections on a TCP port (for now port 3333). PC5200 clients can connect to this port, either directly (providing a user name and password as prompted), or by way of a tunnel through a secure SSH connection. Direct connection would be appropriate for trusted clients on a private network. An SSH tunnel is preferred for remote clients connecting by way of the internet. To establish a Copyright 2005-2014 -5- by Mirador Software

tunneled connection with the server, each client must first establish an SSH session with an SSH server. In the process of establishing this connection, the client requests that the SSH server forward session traffic to the Mirador terminal server. The PC5200 client is fully capable of supporting both direct and tunneled SSH connections. The server function is implemented in a separate executable in order to facilitate security measures that are often necessary when communications take place over a network. In a minimal configuration, the data collector and server can run on the same PC under the same user s authority and clients on a trusted network can connect directly. In a more secure networked configuration, the server is typically run on a designated server machine under the authority of the system administrator. The system administrator can control which users can connect to the server s pipes over the network by creating a terminal server user's group and making those users members of the group. When the administrator installs the server, he or she specifies to the server the name of the group that has been created, whose members will have access to the pipes the server manages. System Requirements Each PC that is to host one or both of the service programs must be running Windows NT4.0, 2000 or XP Professional, have CPU and memory resources appropriate to operating system, and have an Ethernet connection. The PC running the collector program must have one available serial port. Note that Windows XP Home Edition does not support user groups or participation in a domain. Therefore it is not suitable for running these services. Copyright 2005-2014 -6- by Mirador Software

Installation Installing the Data Collector Service The Data Collector must be installed on the computer that will be connected by serial line to the control system host serial port. If the server program is to be installed on a different machine, the PC on which the Data Collector is installed must have network access to that machine, and that machine s name must be known at installation time. Note that the installation of the collector may require Administrator access rights, depending on system administration policy. The data collector is installed and configured with command line switches and options. The various switches and options available are always accessible with a command line help. From a Windows command shell, install the service by issuing the following command >pc52clct -i This command registers the service with the Windows Service Control Manager. To start the service, issue the following command, with any required options: >PC5200clct g Alternatively, you can use the system control panel to start the service. Navigate to Start->Settings- >Control Panel->Services. Find the new service name_of_service in the list of services in the dialog box and double click on it to get a configuration dialog box. Copyright 2005-7- by Mirador Software, Inc.

In the configuration dialog box, set Startup type to 'Automatic' Log On As 'This Account' The account should be that of a member of the PC5200 user's group with the member's password. Startup Parameters: server_name server_name is the name of the host running the pipe service program. If the server program is running on the same machine as the data server, the name is LocalHost or.. Exit the configuration dialog box, and start the service. Finally, exit Control Panel->Services. Installing the Terminal Server Service The server may be installed on the same machine that is running the data collector or it may be installed on another machine to which the data collector has access via a network. Prior to installing the server, a new user s group should be created on the host machine (or in the network domain). The user s group should contain the names of all users who will be authorized to use the server. The name of the group must be specified when the server is installed and configured as a service. Note that the creation of this group and other steps in the installation process will probably require Administrator access rights. The terminal server is installed and configured with command line switches and options. The various switches and options available are always accessible with a command line help. Copyright 2005-8- by Mirador Software, Inc.

From a Windows command shell, install the service by issuing the following command >pc52srvr -i This command registers the service with the Windows Service Control Manager. To start the service, issue the following command, with any required options: >PC5200srvr g Alternatively, you can use the system control panel to start the service. Navigate to Start->Settings- >Control Panel->Services. Find the name_of_service on the list of services in the dialog box and double click on it to get a configuration dialog box. In the configuration dialog box, set Startup type to 'Automatic' Log On As 'This Account' The account should be '.\Administrator' with the administrator's password Startup Parameters: PC5200_user_group_name The PC5200_user_group_name is the name of the user group previously created by the Administrator. 4. Exit the dialog box, and start the service. 5. Finally, exit Control Panel->Services. Registry Usage The server program does not make any use of the registry. Connecting with PC5200 PC5200 is an ordinary Win32 application. It can connect to a control system host directly by way of a serial port, or remotely through the server and collector services described above (with or without the mediation of an SSH server). Copyright 2005-9- by Mirador Software, Inc.

PC5200 provides a network setup dialog to allow the user to specify the address of the host running the remote terminal service. See the illustration below. If the user is not connecting over the internet or other WAN that is subject to security attacks, she can specify a direct connection by checking Direct for the Connect method. In that case, she does not need to specify an SSH server address, etc. After specifying the terminal server host, she merely clicks on OK and then, from the PC5200 main menu, selects the Network connection method, and On Line. PC5200 will then connect to the terminal server and the server will present a login prompt. After the user logs in, giving a user name and password for the server, she is connected to the control system host. To establish a connection over the internet from a remote location, the user might be required to use SSH tunneling for security reasons. In that case, after specifying the terminal server host in the Network Setup dialog, the user should check Tunnel through SSH as the connect method and fill in the fields required for this type of connection. The user must already have created an RSA public/private key pair, and provided her public key to the system administrator. The system administrator must have created an account for her on the SSH server (under some user name) and associated her public key with her account. When the user sets up the PC5200 client for an SSH session, she provides the SSH server s address, her user name on that server, and a path to her private key file. Login then proceeds more or less as for the direct connect method. PC5200 automatically requests that the SSH server forward the SSH session traffic to the remote terminal server. Copyright 2005-10- by Mirador Software, Inc.

Appendix - Serial Communications Cable The wiring of a typical cable connecting the control system host to a serial port on the PC running the data collector program is shown below. Host DB-25 PC DB-9 FG SG RX TX CTS RTS 1 7 3 2 5 4 5 3 2 7 8 SG TX RX RTS CTS Copyright 2005-11- by Mirador Software, Inc.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback