myUTN User Manual Windows
Contents
1. mg ARP PING The assignment of the IP address to the hardware address can be done via the ARP table The ARP table is an internal system file in which the assignment is temporarily saved about 15 min This table is administered by the ARP protocol By means of the arp and ping commands you can save the IP address in the UTN server If the UTN server already has an IP address the arp and ping commands cannot be used to save a new IP address However an IP address from the address range 169 254 0 0 16 which is reserved for ZeroConf can be overwritten by means of the arp and ping commands The arp command is used for editing the ARP table The ping com mand transfers a data packet containing the IP address to the hard ware address of the UTN server If the data packet has been successfully sent and received the UTN server permanently saves the IP address The implementation of the arp and ping command depends on the system used Read the documentation for your operating system MI The ARP PING parameter has been enabled see gt 37 Edit the ARP table Syntax arp s lt IP address gt lt hardware address gt Example arp s 192 168 0 123 00 c0 eb 00 01 ff Assign a new IP address to the UTN server Syntax ping lt IP address gt Example ping 192 168 0 123 Administration Methods 2 Administration Methods You will get information on when to use these methods and which functi2. Starts the IP Wizard Abb 7 InterCon NetTool IP Wizard Xe 169 254 126 032 myUTN 80 14 0 38 IP no reply ICOD1FOB S4 IP Wizard for 169 254 126 032 wa Enter the IP address of the print server and the subnet mask If Multicast router as gateway is enabled the address of the multicast router found is used as gateway Disable this parameter if you want to edit the gateway manually IP address 192 ies 0 740 Subnet mask 255 255 255 0 Gateway 192 ies o 4 38 What are the Advantages of IPv6 What is the Structure of an IPv6 Address myUTN User Manual Windows Network Settings 3 2 How to Configure IPv6 Parameters You can integrate the UTN server into an IPv6 network IPv6 Internet Protocol version 6 is the successor of the more com monlPv4 Both protocols are standards for the network layer of the OSI model and regulate the addressing and routing of data packets via a network The introduction of IPv6 has many benefits e Pv6 increases the IP address space from 2 IPv4 to 2 28 IPv6 IP addresses e Auto Configuration and Renumbering e Efficiency increase during routing due to reduced header information e Integrated services such as IPSec QoS Multicast e Mobile IP An IPv6 address consists of 128 bits The normal format of an IPv6 address is eight fields Each field contains four hexadecimal digits representing 16 bits
3. ay Detailed informationen on how to use the InterCon NetTool can be found in the Online Help To start the Online Help select Help Online Help from the menu bar myUTN User Manual Windows 31 Functionalities Requirements Sending Instructions via Email Syntax and Format of an Instruction myUTN User Manual Windows Administration Methods 2 4 Administration via E Mail only myUTN 80 and later You can administer the UTN server via email and thus via any com puter with Internet access An email allows you to e send UTN server status information e define UTN server parameters or e perform an update on the UTN server M A DNS server has been configured on the UTN server see gt 41 MI In order to receive emails the UTN server must be set up as user with its own email address on a POP3 server MI POP3 and SMTP parameters have been configured on the UTN server see 12144 If you want to administer the UTN server you must enter the rele vant Instructions into the subject line of your email Proceed as follows 1 Open an email program 2 Write a new email 3 Enter the UTN server address as recipient 4 Enter an instruction into the subject line see Syntax and Format of an Instruction 9832 5 Send the email The UTN server receives the email and carries out the instruction Note the following syntax for instructions in the subject line cmd lt command gt lt comment
4. Community a z A Z 0 9 SNMP community The SNMP community is a basic form of access protec tion in which several partici pants with the same access rights are grouped together snmpv3 on off on Enables disables SNMPv3 SNMPv3 any_name max 64 characters anony Defines the name of the User name a z A Z 0 9 mous SNMP user group 1 any_pwd max 64 characters blank Defines the password of the Password a z A Z 0 9 SNMP user group 1 any_rights None readonly Defines the access rights of Access rights readonly the SNMP user group 1 readwrite any_hash md5 md5 Specifies the hash algorithm Hash sha of the SNMP user group 1 any_cipher None Defines the encryption Encryption aes method of the SNMP user des group 1 131 Appendix Parameter List Parameters Value Default Description admin_name max 64 characters admin Defines the name of the User name a z A Z 0 9 SNMP user group 2 admin_pwd 8 64 characters adminis Defines the password of the Password a z A Z 0 9 trator SNMP user group 2 admin_rights None readwrite Defines the access rights of Access rights readonly the SNMP user group 2 readwrite admin_hash md5 md5 Specifies the hash algorithm Hash sha of the SNMP user group 2 admin_cipher None Defines the encryption Encryption aes method of the SNMP user des group 2 Tabelle 28 Parameter List Date Time Parameters Value Default Description
5. Each field is separated by a colon Example fe80 0000 0000 0000 0000 10 1000 1a4 Leading zeros in a field can be omitted Example fe80 0 0 0 O 10 1000 1a4 An IPv6 address may be entered or displayed using a shortened ver sion when successive fields contain all zeros 0 In this case two colons are used However the use of two colons can be used only once in an address Example fe80 10 1000 1a4 As a URL in a Web browser an IPv6 address must be enclosed in brackets This prevents port numbers from being mistakenly regarded as part of an IPv6 address Example http 2001 608 af 1 100 443 The URL will only be accepted by browsers that support IPv6 39 Which Types of IPv6 Addresses are available myUTN User Manual Windows Network Settings There are different types of IPv6 addresses The prefixes of the IPv6 addresses provide information about the IPv6 address types Unicast addresses can be routed globally These addresses are unique and therefore unambiguous A packet that is sent to a unicast address will only arrive to the interface that is assigned to this address Unicast addresses have the prefixes 2 or 3 Anycast addresses are assigned to more than one interface This means that a data packet that is sent to this address will arrive at various devices The syntax of anycast addresses is the same as the one of unicast addresses The difference is that any
6. e How to Configure POP3 and SMTP only myUTN 80 and later 844 e How to Configure WLAN myUTN 54 only gt 48 3 1 How to Configure IPv4 Parameters TCP IP Transmission Control Protocol over Internet Protocol for wards data packets across several connections and establishes a con nection between the network participants The boot protocols DHCP and BOOTP belong to the TCP IP protocol family You can define various IPv4 parameters for an ideal integra tion of the UTN server into a TCP IP network For further informa tion about the assignment of IP addresses see gt 14 O Configuring IPv4 Parameters via the myUTN Control Center gt 37 O Configuring IPv4 Parameters via the SEH UTN Manager gt 37 O Configuring IPv4 Parameters via InterCon NetTool gt 238 36 Requirements myUTN User Manual Windows Network Settings Configuring IPv4 Parameters via the myUTN Control Center Proceed as follows Start the myUTN Control Center Select NETWORK IPv4 Configure the IPv4 parameters siehe Tabelle 2 2837 Click Save amp Restart to confirm The settings are saved FAUN Tabelle 2 IPv4 Parameters Parameters Description DHCP Enables or disables the protocols DHCP BOOTP and BOOTP ARP PING ARP PING Protocols offer various possibilities to save the IP address in the UTN server See Saving the IP Address in the UTN Server 3814 We recommend disabling
7. 0 Appendix Parameter List Description Specifies the time at which a status email is sent Specifies the time at which a status email is sent Tabelle 34 Parameter List WLAN myUTN 54 only Parameters Value wifi on off WLAN wifi_mode adhoc Mode infra wifi_channel 1 14 Channel country specific myUTN User Manual Windows Default on adhoc Description Enables disables the WLAN module of the UTN server Defines the communication mode The communication mode defines the network structure in which the UTN server will be installed Two modes are avail able Ad Hoc Infrastructure Defines the channel fre quency range on which the entire data communication will be transmitted The channel should be changed if interferences emerge Keep yourself informed about national provisions regarding the use of WLAN products and only use authorized channels 138 Parameters wifi_name Network name SSID wifi_encrypt Encryption method wifi_keyid Use WEP key wifi_wepkey1 wifi_wepkey2 wifi_wepkey3 wifi_wepkey4 Key 1 4 wifi_psk PSK myUTN User Manual Windows Value max 64 characters a z A Z 0 9 _ None WepOpen WEP Open System WepShared WEP Shared Key TKIP WPA TKIP AES WPA AES TKIP2 WPA2 TKIP AES2 WPA2 AES AESTKIP WPA AES TKIP AESTKIP2 WPA2 AES TKIP Auto WPA Auto 1 key 1 2 key 2
8. Carry out the hardware installation The hardware installation comprises the connection of the UTN server to the network the USB device and the power supply see Quick Installation Guide Make sure that an IP address is stored in the UTN server see 29614 Install and start the software tool SEH UTN Manager on your Windows client see 27 Add the UTN servers that you want to use to the selection list see 2867 Activate the connection between your client and the USB port to which the USB device is connected see 25868 The connection will be established The USB device can be used by the client Why IP Addresses How Does the UTN Server Obtain IP Addresses Automatic Methods of IP Address Assignments Manual Methods of IP Address Assignments myUTN User Manual Windows General Information 1 6 Saving the IP Address in the UTN Server An IP address is used to address network devices in an IP network TCP IP network protocols require the storing of the IP address in the UTN server so that the device can be addressed within the network The UTN server is able to assign itself an IP address during the initial installation Boot protocols are used to assign an IP address auto matically to the UTN server Upon delivery the boot protocols BOOTP and DHCP are enabled Once the UTN server is connected to the network it checks whether an IP address can be obtained from the boot protocols BOOTP or DHCP
9. Default Mechanism Encryption Authentication WEP WEP Open System Shared Key WEP EAP WEP Open System 802 1X EAP WPA Personal Mode TKIP MIC PSK WPA2 Personal Mode AES CCMP PSK WPA Enterprise Mode TKIP MIC 802 1X EAP WPA2 Enterprise Mode AES CCMP 802 1X EAP WEP WEP Wired Equivalent Privacy is an encryption method according to IEEE 802 11 on the basis of the RC4 encryption algorithm WEP offers myUTN User Manual Windows 48 WPA WPA2 Authentication What Do You Want To Do myUTN User Manual Windows Network Settings mechanisms for data encryption and authentication WEP uses a key to encrypt the entire communication As for encrypted access points the same WEP key must be used for the access point and the UTN server gt Bails _ S i a hr Some access points convert WEP keys that are entered as ASCII text into arbitrary hexadecimal values In this case the WEP keys for the access point and the UTN server do not match It is therefore recom mended to use hexadecimal WEP keys In contrast to WEP WPA Wi Fi Protected Access offers enhanced mechanisms for exchanging keys The exchange key is only used at the beginning of a session Afterwards a session key is used The key is regenerated periodically The WPA mechanism requires an authen tication at the beginning of a connection In the Personal Mode authentication is done via the Pre S
10. gt 62 4 1 How to Determine a Description You can assign freely definable descriptions to the UTN server This gives you a better overview of the devices available in the network Proceed as follows 1 Start the myUTN Control Center 2 Select DEVICE Description 3 Enter freely definable names for Host name Description and Contact person 4 Click Save amp Restart to confirm 53 Device Settings amp The data is saved Ene DEE To assign names to USB ports see gt 56 4 2 Howto Assign an Identifier Shown in the Display Panel myUTN 800 only The Dongleserver myUTN 800 can be mounted in a 19 server rack In order to identify a certain myUTN 800 if several are mounted in a rack an identifier is shown in the display panel on the front side of the Dongleserver By default the identifier DS is displayed You can assign a freely definable identifier Do not assign an identifier to the UTN server that might be confused with an error code gt 4143 E Proceed as follows 1 Start the myUTN Control Center 2 Select DEVICE Description 3 Enter a freely definable description into the Identifier display panel box max 2 characters A Z 0 9 Click Save amp Restart to confirm amp The data is saved L Status Activity A Abb 8 Display panel myUTN 800 myUTN User Manual Windows 54 UTC Time Zone Requirements UTN Port myUTN User Manual Windows
11. 2 The available router will then return a Router Advertisement RA containing the required information With a prefix from the range of the global unicast addresses the UTN server can compose its own address It simply replaces the first 64 bits prefix FE80 with the prefix that was sent in the RA M The IPv6 parameter has been activated MI The Automatic configuration parameter has been activated o To configure the assignment of IPv6 addresses see gt 39 InterCon NetTool The InterCon NetTool is a software tool developed by SEH Comput ertechnik GmbH for the administration ofSEH network devices The IP Wizard of the InterCon NetTool helps you to configure the TCP IP parameters e g the IP address You can manually enter the desired IPv4 address and save it in the UTN server using the IP Wizard To configure an IPv4 address via the InterCon NetTool see 938 SEH UTN Manager You can manually enter the desired IPv4 address and save it in the UTN server using the SEH UTN Manager To configure an IPv4 address via the SEH UTN Manager see gt 37 myUTN Control Center You can manually enter the desired IP address and save it in the UTN server using the myUTN Control Center Requirements myUTN User Manual Windows General Information e To configure an IPv4 address via the myUTN Control Center see gt 37 e To configure an IPv6 address via the myUTN Control Center see gt 39 mg
12. 3 key 3 4 key4 The max number of characters depends on the selected key type 64 ASCII 5 64 HEX 10 128 ASCII 13 128 HEX 26 8 63 characters Default SEH blank blank Appendix Parameter List Description Defines the SSID The ID of a wireless network is referred to as SSID Service Set Identifier or network name Each wireless LAN has a configurable SSID in order to clearly identify the wireless network Defines the encryption method to be used to protect the access to the WLAN Defines the WEP key to be used Defines the WEP keys Four WEP keys are available You can enter the following characters Hexadecimal 0 9 a f A F ASCII 0 9 a z A Z Defines the Pre Shared Key PSK for Wi Fi Protected Access WPA 139 myUTN User Manual Windows Parameters Value Default wifi_roaming on off off Roaming wifi_dbmroam 0 100 0 Roaming level 1 3 characters 0 9 Appendix Parameter List Description Enables disables the use of roaming Roaming refers to the moving of one radio cell to the next The UTN server will use the access point that has the stron gest signal If the UTN server moves towards the sphere of another access point the UTN server switches automatically and without loss of connection to the next radio cell Defines the transmission power in dBm of the UTN server Tabelle 35 Parameter List Display panel myUTN 800 only
13. Device Settings 4 3 Howto Configure the Device Time You can control the device time of the UTN server via a time server SNTP server in the network A timeserver is a computer networking device that reads the actual time from a reference clock and distrib utes this information to its clients In the UTN server the time server is defined via the IP address or the host name The UTN server uses UTC Universal Time Coordinated as a basis UTC is a reference time and used as a time standard The time received by the time server does not necessarily correspond to your local time zone Deviations from your location and the resulting time difference including country specific particularities such as Daylight Saving Time can be handled by means of the Time zone parameter M A time server is integrated into the network Proceed as follows 1 Start the myUTN Control Center 2 Select DEVICE Date Time an 3 Tick Date Time 4 Enter the IP address or the host name of the time server into the Time server box The host name can only be used if a DNS server was configured beforehand 5 Select the code for your local time zone from the Time zone list 6 Click Save amp Restart to confirm The settings are saved 4 4 Howto Configure the UTN SSL Port A common port will be used for the data transfer between the UTN server and the client Depending on the type of connection two port variants are available Unencr
14. Encryption 1 characters be used for SSL TLS connec tions 1 low 56 bit 2 medium 128 bit 3 high 128 256 bit 4 compatible 40 256 bit Do not use the encryption level Low if only HTTPS is defined as the permitted connection type for the web access to the myUTN Control Center Tabelle 19 Parameter List Web access Parameters Value Default Description http_pwd max 64 characters blank Defines the password for the Password a z A Z 0 9 administrative access to the myUTN Control Center http_allowed on off on Defines the permitted type of Permitted connection HTTP HTTPS to connection the myUTN Control Center If HTTPS is exclusively cho sen as the connection type http_allowed off the administrative access to the myUTN Control Center is pro tected via SSL TLS Tabelle 20 Parameter List USB device type blocking Parameters Value Default Description utn_hid on off on De activates the blocking of Disable input input devices HID human devices HID interface devices class on no blocking off blocking myUTN User Manual Windows 127 myUTN User Manual Windows Tabelle 21 Parameter List TCP port access Parameters protection Port access control protection_test Test mode protection_level Security level ip_filter_on_1 ip_filter_on_8 IP address ip_filter_1 ip_filter_8 IP address hw_filter_on_1 hw_filter_on_8 MAC address hw_filter_1
15. If this is not the case the UTN server assigns itself an IP address from the address range 169 254 0 0 16 which is reserved for ZeroConf Once the UTN server has automatically received an IP address via a boot protocol you can save a freely definable IP address in the UTN server The UTN server s assigned IP address can be determined and changed using the software tools SEH UTN Manager and Inter Con NetTool see gt 18 Different methods for the assignment of the IP address are described in the following e ZeroConf 91215 e BOOTP 9815 e DHCP gt 15 e Auto Configuration IPv6 Standard gt 16 e InterCon NetTool gt 16 e SEH UTN Manager gt B16 e myUTN Control Center gt 16 e ARP PING 9817 Requirements Requirements myUTN User Manual Windows General Information ZeroConf If no IP address can be assigned via boot protocols the UTN server assigns itself an IP address via ZeroConf For this purpose the UTN server picks an IP address at random from the address range 169 254 0 0 16 which is reserved for ZeroConf EE LT a You can use the domain name service of Bonjour for the name reso lution of the IP address see gt 43 BOOTP The UTN server supports BOOTP which means that the IP address of the UTN server can be assigned via a BOOTP server MI The BOOTP parameter has been enabled see gt B36 MI A BOOTP server is available in the
16. Parameters Value Default dis_def 1 2 characters SD Identifier display A Z 0 9 panel dis_pwr on off on Display error if only one power supply provides power disp_sdc on off on Display SD card errors Description Defines the identifier shown in the display panel on the front side of the Dongleserver Enables disables the display of error messages in the display panel if the UTN server only is supplied by one power supply Errors are displayed in codes see 92143 Enables disables the display of error messages in the display panel if no SD card is inserted into the UTN server or if the SD card cannot be used Errors are displayed in codes see 927143 140 myUTN User Manual Windows Appendix Parameter List Tabelle 36 Parameter List Acoustic signal only myUTN 800 Parameters Value Default Description beepPwr on off off Enables disables the acoustic Only one power signal that sounds if the UTN supply provides server only is supplied by one power power supply beepSDc on off off Enables disables the acoustic SD card error signal that sounds if no SD card is inserted into the UTN server or if the SD card cannot be used Tabelle 37 Parameter list SD card myUTN 800 only Parameters Value Default Description autoSync on off on Enables disables the Parameter backup automatic parameter backup to a connected SD card 141 Appendix LED Display 8 3 LED Display The
17. Specifying the Device Assignment on the USB Port gt 91 Disabling the USB Port Access Control gt 91 Blocking access to USB devices If you want to control the access to a USB device you must specify a key for the USB port via the myUTN Control Center Proceed as follows 1 2 3 4 5 Start the myUTN Control Center Select SECURITY USB port access Select the entry Port key control from the Method list of the relevant USB port Click Generate key or enter a freely definable key into the Key box a maximum of 64 ASCII characters Click Save to confirm The settings are saved Access to the USB device is protected Unblocking access to USB devices In order for a user to gain access to a USB device that is protected by means of the USB port key control an appropriate key must be entered on the client via the SEH UTN Manager Proceed as follows 1 2 3 Start the SEH UTN Manager Select the UTN server from the selection list Select the command Set USB Port Keys from the UTN server menu bar The Set USB Port Keys dialog appears Enter the key for the relevant USB port Click OK The access to the USB port is shared The USB port and the connected USB device are shown in the selection list and can be operated 90 myUTN User Manual Windows Security Specifying the Device Assignment on the USB Port To prevent manipulations by switching the USB devices on the UTN server
18. User name Defines the name of the SNMP user Password Defines the password of the SNMP user Hash Defines the hash algorithm Access rights Defines the access rights of the SNMP user Encryption Defines the encryption method 3 5 Howto Configure Bonjour Bonjour allows the automatic recognition of computers devices and network services in TCP IP based networks The UTN server uses the following Bonjour functions e Checking the IP address assigned via ZeroConf e Assignment of host names to IP addresses e Location of server services without knowledge of the device s host name or IP address When checking the IP address assigned via ZeroConf see ZeroConf gt B15 the UTN server sends a query to the network If the IP address has already been assigned elsewhere in the network the UTN server will receive a message The UTN server then sends 43 POP3 myUTN User Manual Windows Network Settings another query with a different IP address If the IP address Is avail able it is saved in the UTN server The domain name service is used for additional Bonjour features Since there is no central DNS server in Bonjour networks each device and application has its own small DNS server This integrated DNS server mDNS collects and administers the information of all participants in the net In addition to the features of a classical DNS server the mDNS server also saves the IP address the service name and the offered services
19. e Program Structure gt 27 e Functions gt 28 Automatisms The SEH UTN Manager supports among other things the following automatisms e Autostart Upon booting the user s computer the SEH UTN Manager is activated e Auto Connect This function enables the automatic activation of a permanent connection to a port and the connected USB device when you start the operating system myUTN User Manual Windows 21 What Are the Differences Between the Versions myUTN User Manual Windows Administration Methods e Auto Disconnect This functionality allows for the automatic deactivation of a USB port and the connected USB device after a time defined e Print On Demand A connection between the USB port or the connected USB device printer or multifunction printer and the client will be automatically created as soon as a print job is received After completion of the print job the connection will be automatically disabled e Creating a UTN Action UTN Actions are small programs used for the automatic activation and deactivation of port connections UTN Actions can also automate the starting and closing of an application in combination with a port connection e Additional Tool utnm This tool is used for the activation and deactivation of port connections To this purpose commands are entered and run in the command line interface of the operating system As an alternative a script will be written SEH UTN
20. hw_filter_8 MAC address Value on off on off protec_utn protec_tcp protec_all on off valid IP address on off valid hardware address Default off on protec_ utn off blank off 00 00 00 00 00 00 Appendix Parameter List Description Enables disables the locking of the selected ports Enables disables the test mode The test mode allows you to test the parameters set using the access control If the test mode is activated the access protection remains active until the UTN server is rebooted Specifies the port types to be locked UTN ports TCP ports all ports IP ports Enables disables an excep tion from the port locking Defines elements that are excluded from port locking using the IP address Enables disables an excep tion from the port locking Defines elements that are excluded from port locking using the hardware address 128 myUTN User Manual Windows Tabelle 22 Parameter List UTN port Parameters Value Default utn_port 1 9200 9200 UTN port 1 4 characters 0 9 utn_sslport 1 9443 9443 UTN SSL port 1 4 characters 0 9 Tabelle 23 Parameter List Encryption Parameters Value Default utn_sec_1 on off off utn_sec_20 USB port Appendix Parameter List Description Defines the number of the UTN port Defines the number of the UTN SSL port Description Enables disables the SSL TLS encryption of the
21. n represents the hexa decimal value of one of the eight 16 bit elements of the address An IPv6 address may be entered or displayed using a shortened version when successive fields con tain all zeros 0 In this case two colons are used 125 myUTN User Manual Windows Parameters ipv6_gate Router ipv6_plen Prefix length ipv6_auto Automatic configuration Tabelle 17 Parameter List Bonjour Parameters bonjour Bonjour bonjour_name Bonjour name Value nininininininin 0 64 1 2 characters 0 9 on off Value on off max 64 characters a z A Z 0 9 Default 64 on Default on Default name Appendix Parameter List Description Defines the IPv6 unicast address of the router The UTN server sends its Router Solicitations RS to this router Defines the length of the sub net prefix for the IPv6 address Address ranges are indicated by prefixes The prefix length number of bits used is added to the IPv6 address and specified as a decimal number The deci mal number is separated by Te Enables disables the auto matic assignment of the IPv6 address for the UTN server Description Enables disables the Bonjour service Defines the Bonjour name of the UTN server 126 Appendix Parameter List Tabelle 18 Parameter List SSL Connections Parameters Value Default Description security 1 4 2 Defines the encryption level to
22. 00 cece eee 116 InterCon NetTool UTN Server in BIOS Mode 147 156 myUTN User Manual Windows 8 9 Glossary A Acoustic Signals 60 Address Hardware address 121 IP address 121 MAC address 121 Ad Hoc mode 51 ARP PING 17 Authentication 48 49 101 Auto Backup 110 Auto Connect 21 72 Auto Disconnect 22 73 Automatisms 21 72 Auto Connect 21 72 Auto Disconnect 73 Auto Disonnect 22 Autostart 21 Print On Demand 74 UTN Action 22 75 utnm 22 151 Autostart 21 B Backup 110 Backup copy 110 BIOS Mode 146 Bonjour 43 BOOTP 15 Button Reset 35 113 Restart 35 118 C CA certificate 94 Certificate 93 Create 95 Display 95 Anhang Index Installation 97 Certificate request 97 Certificates Delete 100 Channel 51 Cipher Suite 84 Command line interface 151 Communication mode 51 Complete version 22 Compound USB device 68 122 Connection Types Define 86 Connection types 86 D Default certificate 93 Default name 122 Default settings 113 Descriptions 53 Device number 122 DHCP 15 Display panel 54 59 143 DNS Domain Name Service 41 Documentation 8 E EAP 101 EAP FAST 106 EAP MD5 102 EAP TLS 102 EAP TTLS 103 Email 32 58 Encryption 108 Encryption Level 84 Error states 59 143 F File lt default name_parameter txt gt 157 myUTN User Manual Windows 110 Frequency range 51 G Gateway 121 Global Selection List 79 H Hardware address 121 Host name 121 Hotline
23. 11 HTTP HTTPS 86 l Identifier 54 IEEE 802 1X 101 Improper Use 12 Infrastructure mode 51 Installation Hardware 13 InterCon NetTool 30 SEH UTN Manager 23 Intended Use 12 InterCon NetTool 30 120 Configuring parameters 31 Installation 30 IP Wizard 16 Starting 30 Structure 31 Interferences 138 IP Address 121 IP address save 14 IPv4 36 IPv4 client VLAN 63 IPv4 management VLAN 63 IPv6 39 Anhang Index L LEDs 142 Lock access 86 M MAC address 121 Maintenance 110 Minimal version 22 Mode 51 Multicast Search 65 myUTN 6 myUTN Control Center 19 Language 20 Start 19 Structure 20 Network List 65 Network settings 36 Notification service 57 58 Email 59 SNMP trap 59 Notifications 57 P Parameter file 110 Parameter list 123 Parameters Default setting 113 Display 111 Load 112 Reset 113 Save 111 Password 87 PEAP 105 PKCS 12 98 POP3 44 Port connection Activate 68 158 myUTN User Manual Windows Automate 72 Deactivate 70 Port deactivation 57 Port name 56 Print On Demand 22 74 Protection 83 Protocol BOOTP 15 DHCP 15 IPv4 36 IPv6 39 POP3 44 SMTP 45 SNMP 42 SNTP 55 SSL TLS 84 Purpose 6 R RADIUS 101 Release request 71 Remote maintenance 32 Reset 113 Restart 118 Roaming 51 Roaming level 51 S S MIME certificate 94 Script 151 SD card 110 Security 83 Security level 87 SEH UTN Manager Changing versions 27 Function overview 144 Installation 23 Start 27 Structure 2
24. Email Configure the SMTP parameters siehe Tabelle 8 gt 246 Click Save amp Restart to confirm The settings are saved FrwWh gt Tabelle 8 SMTP Parameters Parameters Description SMTP Server name Defines the SMTP server via the IP address or the host name The host name can only be used if a DNS server was configured beforehand SMTP Server port Defines the port number used by the UTN server to send emails to the SMTP server The port number 25 is preset SMTP TLS Enables disables TLS The security protocol TLS Transport Layer Security serves to encrypt the transmission between the UTN server and the SMTP server The cipher strength is defined via the encryption level gt 84 46 Network Settings Parameters Description SMTP Sender name Defines the email address used by the UTN server to send emails Note Very often the name of the sender and the user name are identical SMTP Login Enables disables the SMTP authentication for the login SMTP User name Defines the user name used by the UTN server to log on to the SMTP server SMTP Password Defines the password used by the UTN server to log on to the SMTP server SMTP Security S MIME Enables disables the encryption and signing of emails via S MIME SMTP Signing emails Defines the signing of emails A signature created by the sender allows the recipient to verify the identity of the sender and to make sure that the email was not mo
25. If HTTPS is exclusively chosen as the connection type the adminis trative web access to the myUIN Control Center is protected by SSL TLS The cipher strength is defined via the encryption level 9884 and must not be Low SSL TLS also requires a certificate gt 93 to check the identity of the UTN server During a so called handshake the client asks for the certificate via a browser This certificate must be accepted by the browser Please refer to the documentation of your browser soft ware URLs that require an SSL TLS connection start with https Proceed as follows 1 Start the myUTN Control Center 2 Select SECURITY Device access 3 In the Web area tick HTTP HTTPS or HTTPS only 4 Click Save amp Restart to confirm The setting will be saved 86 Security TCP Port Access Control Security Levels Exceptions myUTN User Manual Windows Protecting the web access via password To protect the myUIN Control Center against unauthorized web access you can use a passwort If a password is set only the start page of the myUTN Control Center can be visited and displayed If you select a menu item you will be asked to enter a password You will also be asked to enter a non definable user name Leave this field blank at the password prompt Proceed as follows Start the myUTN Control Center Select SECURITY Device access In the web area enter a password into the Password box Repe
26. Manager Versions The SEH UTN Manager is available in two versions e Complete version e Minimal version without graphical user interface The decisive difference in the complete version is the graphical user interface It shows you the program in form of graphic images and offers additional features searching for and administrating UTN servers simplified use of USB devices and much more The minimal version of the SEH UTN Manager can only be used via the command line interface and UTN Actions The minimal version can for example be used to e provide users with only certain devices with simplified activation deactivation see Creating a UTN Action Automated Port Connections and Program Starts without the SEH UTN Manager Interface gt 75 e automate the activation deactivation of port connections with scripts see Zusatztool utnm gt 150 22 What Do You Want To Do myUTN User Manual Windows Administration Methods D The complete version is recommended for general use The minimal version is to be used by experts only In both versions the service SEH UTN Service works in the back ground and becomes active after the system start The service can be controlled by means of the usual administration methods Additionally the following user groups are distinguished e users with administrative rights administrator e users without administrative rights standard user The functions Aut
27. Parameter List gt 123 e LED Display gt B142 e Information shown in the display panel myUTN 800 only 8143 e SEH UTN Manager Function Overview gt 2144 e Troubleshooting gt 8146 e Additional Tool utnm gt e Abbildungsverzeichnis gt e Index 9156 me 151 155 mg myUTN User Manual Windows 119 What Information Do You Need myUTN Control Center InterCon NetTool SEH UTN Manager myUTN User Manual Windows Appendix Glossary 8 1 Glossary The glossary contains information about manufacturer specific software solutions and terms from the world of network technology Manufacturer Specific Software Solutions e myUTN Control Center gt 2120 e InterCon NetTool 8120 e SEH UTN Manager gt 8120 Network Technology e Hardware Address gt 8121 e IP Address 5121 e Host name gt B121 e Gateway gt B121 e Subnet Mask gt 8121 e Default Name gt 8122 Miscellaneous e Compound USB Device gt 8122 The UTN server can be configured and monitored via the myUTN Control Center The myUTN Control Center is stored in the UTN server and can be displayed by means of a browser software z B Internet Explorer The software InterCon NetTool has been developed by SEH Com putertechnik GmbH for the administration of SEH network devices within a predefined network The software tool SE
28. a network device they must authenticate themselves in the network After the authentication was successful the access to the network will be freed The standard IEEE 802 1X is based upon the EAP Extensible Authen tication Protocol EAP is a universal protocol for many authentica tion procedures EAP allows for a standardized authentication procedure between the network device and an authentication server RADIUS First you must define the authentication procedure TLS PEAP TTLS etc to be used and configure it on all network devices involved RADIUS Remote Authentication Dial In User Service is an authen tication and account management system that validates user login information and grants access to the desired resources The UTN server supports various EAP authentication methods in order to authenticate itself in a protected network O Configuring EAP MD5 gt 2102 O Configuring EAP TLS 8102 O Configuring EAP TTLS 8103 O O Configuring PEAP 105 Configuring EAP FAST gt 106 101 Benefits and Purpose Mode of Operation Requirements Benefits and Purpose Mode of Operation myUTN User Manual Windows Security Configuring EAP MD5 EAP MD5 validates the identity of devices or users before they gain access to network resources You can configure the UTN server for the EAP MD5 network authentication This ensures that the UTN server gets access to protected networks EA
29. and the client will be automati cally created as soon as a print job is received After completion of the print job the connection will be automatically disabled v Mi n The SEH UTN Manager complete version is installed on the client see gt E21 The USB port is shown in the selection list see gt 67 The printer or multifunction printer is set up on the client driver installation You are logged on to the system as administrator Proceed as follows Start the SEH UTN Manager Select the port from the selection list Select Port Settings from the menu bar The Port Settings dialog appears In the Automatic device connection area tick Print On Demand Click OK The setting will be saved 74 Working with the SEH UTN Manager Creating a UTN Action Automated Port Connections and Program Starts without the SEH UTN Manager Interface You can create UTN actions UTN Actions are small programs used for the automatic activation and deactivation of port connections UTN Actions can also automate the starting and closing of an appli cation in combination with a port connection The process defined in the UTN action will run automatically after the execution of the file Since the SEH UTN Service is active in the background the user is not required to start the SEH UTN Manager interface l e UTN Actions can be used with the complete and mini mal version A wizard within the SEH UTN Manager w
30. connected to the user s client It is not possible to activate a port connection to only one of the USB devices myUTN User Manual Windows 122 Appendix Parameter List 8 2 Parameter List This chapter gives an overview of all available parameters of the UTN server The parameter list gives details about the functions and val ues of the individual parameters Parameter List IPv4 912124 Parameter List IPv4 VLAN only myUTN 80 and later gt 8124 e Parameterliste IPv6 8125 e Parameter List Bonjour 92126 e Parameter List SSL Connections gt 2127 e Parameter List Web access 9127 e Parameter List USB device type blocking gt B127 e Parameter List TCP port access 21128 e Parameter List UTN port 9129 e Parameter List Encryption 2129 e Parameter List USB port access only myUTN 80 and later gt B129 e Parameter List USB port 130 What Information e Do You Need mg e Parameter List DNS gt B130 e Parameter List SNMP gt B131 mg e Parameter List Date Time gt 8132 e Parameter List Description 92132 e Parameter List Authentication gt 2133 e Parameter List POP3 only myUTN 80 and later 913134 e Parameter List SMTP only myUTN 80 and later 92135 e Parameter List Notification only myUTN 80 and later 5136 e
31. encrypt the data transfer between the clients and the UTN server and the connected USB devices gt Only payload will be encrypted Control and log data will be trans mitted without encryption Encrypted connection means that client and UTN server communi cate via the UTN SSL port The port number 9443 is preset To change the port number see gt 255 UTN port UTN SSL port UTN server g2 K Re pz j SSL TLS connection a USB port 1 USB port 2 Abb 16 UTN Server SSL TLS Connection in the Network To use an SSL TLS connection you must enable the encryption at the relevant USB port The cipher strength is defined via the encryption level 84 Proceed as follows Start the myUTN Control Center Select SECURITY Encryption Enable the encryption at the USB port Click Save to confirm The data between the clients and the USB device will be transferred in an encrypted way Fx WN gt 108 Security The encrypted connection will be displayed client side in the SEH UTN Manager under Properties gt UTN Server Device Status Properties 419216801400 __ Port name USB flash drive USB flash drive Port 1 Available Port number 1 Port status Available Auto Connect Off Devices connected Name Alcor Micro Corp Flash Drive Abb 17 SEH UTN Manager Encryption myUTN User Manual Windows 109 What Information Do You Need Automatic Backu
32. generated 5 8 Howto Manage Selection Lists for Several Participants The selection list is a central element of the SEH UTN Manager It displays all embedded UTN servers as well as the connected USB devices and shows their status These USB devices can be connected to the client via the port connection and can then be used The selection list can be edited and configured according to your needs by adding and deleting the required UTN servers By means of the type and distribution of the selection list in combi nation with the user management the administrator can control the access to the UTN servers that are available in the network All users will at first use the same global selection list As an alterna tive the administrator can provide users with user specific selection lists by means of an ini file The access can be controlled by placing predefined selection lists into user specific directories Revoking write rights to the ini file will limit and control the access to functions of the SEH UTN Man ager for individual users In the following the selection list types will be described in greater detail 78 Working with the SEH UTN Manager iG Global Selection List Abb 13 Global Selection List Global Selection List Properties of the global selection list e All users of a client use the same selection list e The users can only access the devices listed in the selection list e Unauthorized persons will
33. network Before this change of location you should reset the parameters to the default settings to install the UTN server in another network O Resetting the Parameters via the myUTN Control Center 28113 O Resetting the Parameters via the InterCon NetIool 58114 O Resetting the Parameters via the Reset Button 98114 lt a a a M By means of the reset button of the device you can reset the param eters without entering the password Resetting the Parameters via the myUTN Control Center Proceed as follows 1 Start the myUTN Control Center 2 Select MAINTENANCE Default settings 3 Click Default settings A security query appears Confirm the security query The parameters are reset A 113 myUTN 50a to myUTN 250 myUTN User Manual Windows Maintenance Resetting the Parameters via the InterCon NetTool Proceed as follows 1 Start the InterCon NetTool 2 Select the UTN server from the device list 3 Select Actions Default Settings from the menu bar 4 Click Finish The parameters are reset Resetting the Parameters via the Reset Button LEDs the reset button and various ports can be found on the UTN server These components are described in the Quick Installation Guide Using the reset button you can reset the UTN server s parameter val ues to their default setting There are two procedures 1 myUTN 50a to myUTN 250 2 myUTN 800 The two procedures are each de
34. not be able to access devices that are not listed in the selection list e The selection list can only be edited by administrators om User Specific Selection List Admin specific Selection List User specit ic Selection List saved as ini files in the user specific directories Abb 14 User Specific Selection List myUTN User Manual Windows 79 Working with the SEH UTN Manager Properties of the user specific selection list e Each user has their own selection list All administrators have the same selection list e The selection list can be edited by the administrator or by users with write access e The users can access all devices listed in the selection list Pro vided that no security mechanisms have been specified via the myUTN Control Center The selection lists of the users will be saved as ini files in the following location SAPPDATA SEH Computertechnik GmbH SEH UTN Manager ini Where SAPPDATAS is an environment variable by Windows for the user By means of the command line the path for the current user can be determined as follows echo SAPPDATAS Example Windows 7 echo APPDATA returnsC Users User name AppData Roaming SEH Computertechnik GmbH SEH UTN Manager ini Complete path to the ini file C Users User name AppData Roaming SEH Computertechnik GmbH SEH UTN Manager ini What Do You Want 1 Providing the Global Selection List to All Users gt E To Do
35. ntp on off on Enables disables the use of a Date Time time server SNTP ntp_server max 64 characters pool ntp Defines a time server via the Time server a z A Z 0 9 org IP address or the host name The host name can only be used if a DNS server was configured beforehand ntp_tzone UTC GMT EST CET CE The time zone is used to Time zone EDT CST CDT ST EU equalize the difference MST MDT PST between the time received PDT etc over the time server and the local time Tabelle 29 Parameter List Description Parameters Value Default Description sys_name max 64 characters blank Defines the host name of the Host name a z A Z 0 9 UTN server sys_descr max 64 characters blank Freely definable description Description a z A Z 0 9 myUTN User Manual Windows 132 Appendix Parameter List Parameters Value Default Description sys_contact max 64 characters blank Freely definable description Contact person a z A Z 0 9 of the contact person Tabelle 30 Parameter List Authentication Parameters Value Default Description auth_typ None Defines the authentication Authentication MD5 method that is used to identify method TLS devices or users in the net TTLS work PEAP FAST auth_name max 64 characters blank Defines the name of the UTN User name a z A Z 0 9 server as saved in the authen tication server RADIUS auth_pwd max 64 characters blank Defines the password of
36. of each participant Proceed as follows Start the myUTN Control Center Select NETWORK Bonjour Configure the Bonjour parameters siehe Tabelle 6 58544 Click Save amp Restart to confirm The settings are saved EFRWN DS Tabelle 6 Bonjour Parameters Parameters Description Bonjour Enables disables Bonjour Bonjour name Defines the Bonjour name of the UTN server The UTN server uses this name for its Bonjour services If no Bonjour name is entered the default name will be used device name ICxxxxxx 3 6 Howto Configure POP3 and SMTP only myUTN 80 and later You must configure the protocols POP3 and SMTP on the UTN server so that the notification service 257 and the remote mainte nance via email gt 232 will work POP3 Post Office Protocol Version 3 is a transfer protocol that a client can use to fetch emails from a mail server POP3 is required in the UTN server to administer the UTN server via email 44 Network Settings SMTP SMTP Simple Mail Transfer Protocol is a protocol that controls the sending of emails in networks SMTP is required in the UTN server to administer the UTN server via email and to run the notification ser vice What Do You Want UO Configuring POP3 gt 245 tomes O Configuring SMTP gt E246 MP Configuring POP3 Requirements MM The UTN server is set up as user with its own email address on a POP3 server Proceed as follows 1 Start the myU
37. path utnm exe gt c command string lt command gt ay The file utnm exe can be found in the program folder of the SEH UTN Manager 152 Appendix Additional Tool utnm The following commands are supported Command Description c command string Runs a command The command is specified in greater detail by the command string The following command or strings can be used activate UTN server port number command command Activates the connection to a USB port and the string connected USB device e deactivate UTN server port number Deactivates the connection to a USB port and the connected USB device The command string eject will be used when a USB mass storage device is connected to the USB port The command string plugout will be used for all other USB devices plugin UTN server port number Activates the connection to a USB port and the connected USB device plugout UTIN server port number Deactivates the connection to a USB port and the connected USB device Corresponds to the plugging out of the device Note The command string deactivate is to be preferred e eject UTN server port number for USB mass storage devices Ejects the USB device connected to the USB port The port connection will only be deactivated if the communication has been terminated properly Note The command string deactivate is to be preferred 7 Ber SMEOCOMINESE triel tels
38. the parameters Otherwise the UTN server will load the parameter values stored on it automatic backup E112 Proceed as follows 1 Press the reset button for 5 seconds You will hear a beep The UTN server restarts The parameters are reset o 2 R Abb 18 Reset button myUTN 800 myUTN User Manual Windows 116 Maintenance 7 3 Howto Perform an Update You can carry out software and firmware updates on the UTN server Updates allow you to benefit from currently developed features What Happens In the course of an update the old firmware software will be over During an Update written and replaced by the new firmware software The parameter default settings of the device remain unchanged When Isan Update An update should be undertaken if functions do not work properly Recommended and if a new software or firmware version with new functions or bug fixes has been released by SEH Computertechnik GmbH Check the installed software and firmware version on the UTN server You will find the version number on the myUTN Control Cen terSTART page or in the product list in the InterCon NetTool Where Do Find the Current firmware and software files can be downloaded from the Update Files homepage of SEH Computertechnik GmbH http www seh technology com services downloads myutn html Every update file has its own readme file Take note of the informa tion contained in the readme file Proceed as follows Start
39. the Network ay Types and number of the USB devices to be connected can be found in the respective Quick Installation Guide myUTN User Manual Windows 7 General Information 1 2 Documentation Scope and Content This documentation describes several versions of the USB Device server as well as the Dongleservers This means that functions will be described that may not be applicable to your product Some illustra tions may differ from your device Refer to the data sheet of your UTN server model for information about the functional range of your product Please note the follow ing names of the product categories in this documentation e USB Deviceserver gt UTN server e Dongleserver gt UTN server e dongle gt USB device Structure ofthe The myUTN documentation consists of the following documents Documentation User Manual Detailed description of the myUTN configuration and administration System specific instructions for the following systems Windows Mac Linux Quick Installation Guide Pe Information about security hardware installation and the amp initial operation procedure Online Help myUTN Control Center The Online Help contains detailed information about how to use the myUTN Control Center Online Help SEH UTN Manager The Online Help contains detailed information about how to use the software tool SEH UTN Manager Document Features This documentation has been d
40. the UTN server via IPv4 client VLANs If this option is enabled the UTN server can be administrated via all VLANs The change in the SNMP access only becomes effective after a restart of the UTN server 124 myUTN User Manual Windows Parameters Value ip4vlan_mgmt_un on off tag Access via LAN untagged ipv4vlan_on_1 on off ipv4vlan_on_20 VLAN ipv4vlan_addr_1 valid IP address ipv4vilan_addr_20 IP address ipv4vian_mask_1 valid IP address ipv4vlan_mask_20 Subnet mask ipv4vlan_id_1 0 4096 1 4 characters 0 9 ipv4vlan_id_20 VLAN ID Tabelle 16 Parameterliste IPv6 Parameters Value ipv6 on off IPv6 ipv6_addr n n n n n n n n IPv6 address Default on off 192 168 0 0 255 255 255 0 Default on Appendix Parameter List Description Enables disables the administrative access to the UTN server via IPv4 packets without tag If this option is disabled the UTN server can only be administrated via VLANs Enables disables the forwarding of IPv4 client VLAN data Specifies the IP address of the UTN server within the IPv4 client VLAN Specifies the subnet mask of the UTN server within the IPv4 client VLAN Specifies the ID for the identification of the IPv4 client VLAN Description Enables disables the IPv6 functionality of the UTN server Defines a UTN server IPv6 unicast address assigned manually in the format n n n n n n n n Every
41. the myUTN Control Center Select MAINTENANCE Update Click Browse Select the update file Click Install The update is executed The UTN server will be restarted ENANS myUTN User Manual Windows 117 What Do You Want To Do myUTN User Manual Windows Maintenance 7 4 Howto Restart the UTN Server The UTN server will automatically restart after changes to the parameters or after an update If the UTN server is in an undefined state it can also be manually restarted O Restarting the UTN Server via the myUTN Control Center 8118 O Restarting the UTN Server via the InterCon NetTool 8118 O Restarting the UTN server via the restart button only myUTN 800 21118 Restarting the UTN Server via the myUTN Control Center Proceed as follows 1 Start the myUTN Control Center 2 Select MAINTENANCE Restart 3 Click Restart The UTN server will be restarted Restarting the UTN Server via the InterCon NetTool Proceed as follows 1 Start the InterCon NetTool 2 Select the UTN server from the device list 3 Select Actions Restart from the menu bar 4 Click Finish The UTN server will be restarted Restarting the UTN server via the restart button only myUTN 800 Proceed as follows 1 Press the restart button of the device for a short time The UTN server will be restarted 118 Appendix 8 Appendix What Information e Glossary gt H120 Eo eniveee
42. these options once an IP address has been assigned to the UTN server IP Address IP address of the UTN server Subnet mask Subnet mask of the UTN server Gateway Gateway address of the UTN server Configuring IPv4 Parameters via the SEH UTN Manager MI The SEH UTN Manager complete version is installed on the client see 2821 M The UTN server is shown in the selection list see gt 67 Proceed as follows 1 Start the SEH UTN Manager 2 Select the UTN server from the selection list 3 Select UTN Server Set IP Address from the menu bar The Set IP Address dialog appears 4 Enter the relevant TCP IP parameters Click OK The settings are saved on 37 Requirements myUTN User Manual Windows Network Settings Configuring IPv4 Parameters via InterCon NetTool M The InterCon NetTool is installed on the client see gt E M The network scan via Multicast InterCon NetTool 30 has been enabled in the M The router in the network forwards multicast requests Proceed as follows 1 Start the InterCon NetTool 2 Select the UTN server from the device list The UTN server is displayed in the device list under the filter ZeroConf with an IP address from the address range 169 254 0 0 16 which is reserved for ZeroConf Select Installation IP Wizard The IP Wizard is started The settings are saved Follow the instructions of the Wizard NetWare Wizard Printer Wizard
43. you can permanently assign USB devices to the USB ports Proceed as follows 1 Start the myUTN Control Center 2 Select SECURITY USB port access 3 Select the entry Device assignment from the Method list of the relevant USB port 4 Click Reallocate device The USB device box shows the vendor and product ID of the USB device 5 Click Save to confirm The settings are saved Only the assigned USB device can be operated on the USB port If the USB port is to create an assignment with a newly connected USB device click Reallocate device again and save your settings Disabling the USB Port Access Control You can disable the access control to the USB ports as well as the connected USB devices Proceed as follows 1 Start the myUTN Control Center 2 SelectSECURITY USB port access 3 Select the entry from the Method list of the relevant USB port 4 Click Save to confirm The USB port access control will be disabled The connected USB devices can be operated 91 myUTN User Manual Windows Security 6 5 Howto Block USB Device Types USB devices are grouped into classes according to their function For example input devices such as keyboards belong to the group Human Interface Device HID USB devices may present themselves as HID class USB devices but actually are used for abuse known as BadUSB In order to protect the UTN server you can block input devices which belong t
44. 10 How to Use the UTN Server in VLAN environ ments only myUTN 80 and later The UTN server supports the use of VLAN Virtual Local Area Net works It is useful to divide a physical network into VLANs for per formance and security reasons If a VLAN spans multiple switches you can use so called VLAN trunks VLT A VLT is used to forward data from different VLANs via a single connection Both individual ports and bundled ports can be used The UTN server supports the forwarding of VLAN data via its USB ports To do this the VLANs must be known to the UTN server After this the USB ports used for the forwarding of the data must be linked to the specified VLANs The VLANs can be used to control the access to dongle protected software myUTN 80 myUTN 800 or USB devices myUTN 250 This way a specified group of network participants can be provided with a certain amount of dongle protected software licenses or USB devices Example 6 engineers have access to 3 dongle protected CAD software licenses 3 accountants have access to one dongle protected account ing software The access by a participant to software that is not intended for this participant is excluded Note A USB port can be con nected with only one participant at a time Abb 9 USB port based assignment of VLANs O E O Entering IPv4 Management VLANs gt 2163 Entering IPv4 client VLANs gt 63 Allocating an I
45. 28 characters blank Defines the password used by Password the UTN server to log on to the SMTP server smtp_sender max 128 characters blank Defines the email address Sender name used by the UTN server to send emails Note Very often the name of the sender and the user name are identical smtp_ssl on off off Enables disables TLS TLS The security protocol TLS Transport Layer Security serves to encrypt the transmission between the UTN server and the SMTP server smtp_auth on off off Enables disables the SMTP Login authentication for the login smtp_sign on off off Enables disables the Security encryption and signing of S MIME emails via S MIME smtp_attpkey on off on Enables disables the Attach public key attachment of a public key to an email smtp_encrypt on off off Defines the signing and Full encryption encryption of emails Signing of off signing emails on encrypt 135 myUTN User Manual Windows Appendix Parameter List Tabelle 33 Parameter List Notification only myUTN 80 and later Parameters trapto_1 trapto_2 Address trapcommu_1 trapcommu_2 Community trapdev Send trap if USB devices are connected or disconnected trappup Send trap if UTN server is restarted trapact Send trap if USB ports are activated or deactivated trap_pwr Send trap if power supply is interrupted or established trap_sdinout Send trap if SD card is connected or d
46. 7 Update 27 Anhang Index Versions 22 Selection List 67 78 Self signed certificate 93 Service 11 SMTP 45 SNMP trap 58 SNMPv1 42 SNMPv3 42 SSID Service Set Identifier 51 SSL TLS connection 84 108 Subnet mask 121 Support 11 System Requirements 6 T TCP port access control 87 TCP IP 36 Test Mode 88 Time of the device 55 Time server 55 Time zone 55 Types of connection 85 100 a Update 117 USB devices Add 67 Connect 68 Disconnect 70 Request 71 Status information 77 USB Port Activate 68 Request 71 USB port Deactivate 57 70 Messages 77 Name 56 Power supply 57 Status information 77 159 myUTN User Manual Windows Anhang Index USB port device assignment 89 USB port key control 89 User Specific Selection List 79 UTC 55 UTN Action 22 75 UTN port 55 UTN SSL port 56 108 utnm 22 151 Vv Version number 117 Virtual USB ports 68 VLAN 62 IPv4 client VLAN 63 IPv4 management VLAN 63 WwW WEP Wired Equivalent Privacy 48 WPA WPA2 49 Z ZeroConf 15 160
47. A SER USB Device Server myUTN 50a Dongleserver myUTN 80 myUTN 54 myUTN 250 Dongleserver myUTN 800 User Manual Windows Manufacturer SEH Computertechnik GmbH Suedring m Scan this QR code meCard 33647 Bielefeld using your smart phone Germany Phone 49 0 521 94226 29 Fax 49 0 521 94226 99 Document Support 49 0 521 94226 44 Type User Manual Windows Email info seh de Title USB Device Server Web http www seh de Version 3 2 Online Links to Important Websites Free Guarantee Extension http www seh technology com guarantee Support Contacts amp Information http www seh technology com support Sales Contacts amp Information http www seh technology com sales Downloads http www seh de services downloads myutn html nterCon is a registered trademark of SEH Computertechnik GmbH SEH Computertechnik GmbH has endeavored to ensure that the information in this documentation is correct If you detect any inaccuracies please inform us at the address indicated above SEH Computertechnik GmbH will not accept any liability for any error or omission The information in this manual is subject to change without notification All rights are reserved Copying other reproduction or translation without the prior written consent from SEH Computertechnik GmbH is prohibited 2014 SEH Computertechnik GmbH All trademarks registered trademarks logos and product names are property of their respective own
48. H UTN Manager handles the access of the USB devices The software is installed on all clients that are meant to access a USB device in the network The SEH UTN Manager shows the availability of all UTN servers in the network and establishes a connection between the client and the USB port including the con nected USB device 120 Hardware Address IP Address Host name Gateway Subnet Mask myUTN User Manual Windows Appendix Glossary The UTN server is addressable by means of its world wide unique hardware address This address is commonly referred to as the MAC or Ethernet address The manufacturer has defined this address in the hardware of the device The address consists of 12 hexadecimal numbers The first six numbers represent the manufacturer while the last six numbers identify the individual device Hardware address A a 00 c0 eb 00 01 ff y y J Manufactu rer Device number The hardware address can be found on the housing in the SEH UTN Manager or in the InterCon NetTool The use of separators within the hardware address depends on the platform In Windows werden are used The IP address is the unique address of each node in a network i e an IP address may occur only once on a local network The system administrator usually assigns the IP address The address must be saved in the UTN server to make sure that it can be addressed within the network The host name is an alias for an I
49. N Control Center Select NETWORK WLAN The available WLANs are shown in the network list Decide in which WLAN you want to operate the UTN server 3 Configure the WLAN parameters in such a way that they match the parameters of the WLAN to be used siehe Tabelle 9 57 4 Tick WLAN to enable the WLAN module in the UTN server 5 Click Save amp Restart to confirm The settings are saved 6 Remove the network cable RJ 45 from the UTN server The connection to the wired network will be deactivated The UTN server automatically switches to the WLAN mode The connection to the WLAN will be established If the UTN server gets a new IP address in the course of the network change the connection to the myUTN Control Center will be inter rupted 50 Network Settings Tabelle 9 WLAN Parameters Parameters Description Mode Defines the communication mode The communication Communication mode mode defines the network structure in which the UTN server will be installed Two modes are available In the Ad Hoc mode the UTN server communicates directly with another WLAN client peer to peer The infrastructure mode is suitable for setting up large wireless networks with several devices in different rooms Communication between the devices is done via an access point which is connected to the network The access point can be protected by encryption or authenti cation Network name Defines the SSID The ID of a w
50. P MD5 describes a user based authentication method via a RADIUS server The UTN server must be defined as user with user name and password on a RADIUS server The authentication method EAP MD5 must then be enabled on the UTN server and the user name and password need to be entered MI The UTN server is defined as user with user name and password on a RADIUS server Proceed as follows 1 Start the myUTN Control Center 2 Select SECURITY Authentication 3 Select MD5 from the Authentication method ist 4 Enter the user name and the password that are used for the configuration of the UTN server on the RADIUS server 5 Click Save amp Restart to confirm The settings are saved Configuring EAP TLS EAP TLS Transport Layer Security validates the identity of devices or users before they gain access to network resources You can con figure the UTN server for the EAP TLS network authentication This ensures that the UTN server gets access to protected networks EAP TLS describes a certificate based authentication method via a RADIUS server For this purpose certificates are exchanged between the UTN server and the RADIUS server An encrypted TLS connection between the UTN server and the RADIUS server is established in this process Both RADIUS server and UTN server need a valid digital cer tificate signed by a CA The RADIUS server and the UTN server must 102 Procedure Benefits and Purpose myUTN User Manual
51. P address The host name uniquely identifies the UTN server in the network and makes it easier to remember Using a gateway you can address IP addresses from external net works If you want to use a gateway you can configure the relevant parameter in the UTN server via the myUTN Control Center With the help of the subnet mask large networks can be split up into subnetworks In this case the user IDs of the IP addresses are assigned to the various subnetworks The UTN server is configured not to use subnetworks by default If you want to use a subnet mask you can configure the relevant parameter in the UTN server via the myUTN Control Center 121 Appendix Glossary Default Name The default name of the UTN server is made up of the two letters IC and the device number The device number consists of the last six numbers of its hardware address Default name am IC0001 ff Device number The default name can be found in the myUTN Control Center or in the InterCon NetTool Compound USB A compound USB device consists of a hub and one or more USB Device devices that are all integrated into a single housing Dongles are often compound USB devices If a compound USB device is connected to a USB port of the UTN server in the myUTN Control Center and the selection list of the SEH UTN Manager all integrated USB devices will be displayed on the USB port When the port connection is activated all displayed USB devices will be
52. Parameter List WLAN myUTN 54 only gt 8138 e Parameter List Display panel myUTN 800 only gt 8140 e Parameter list SD card myUTN 800 only gt 2141 8 To view the current parameter values of your UTN Parameterwerte anzeigen gt 108 server see myUTN User Manual Windows 123 Appendix Parameter List Tabelle 14 Parameter List IPv4 myUTN User Manual Windows Parameters Value Default Description ip_addr valid IP address 169 254 Specifies the IP address of the IP address 0 0 16 UTN server ip_mask valid IP address 255 255 Specifies the subnet mask of Subnet mask 0 0 the UTN server ip_gate valid IP address 0 0 0 0 Specifies the gateway Gateway address of the UTN server ip_dhcp on off on Enables disables the DHCP DHCP protocol ip_bootp on off on Enables disables the BOOTP BOOTP protocol ip_auto on off on Enables disables the IP ARP PING address assignment via ARP PING Tabelle 15 Parameter List IPv4 VLAN only myUTN 80 and later Parameters Value Default ip4vlan_mgmt on off off IPv4 management VLAN ip4vlan_mgmt_id 0 4096 0 VLAN ID 1 4 characters 0 9 ip4vian_mgmt_any on off off Access from any VLAN Description Enables disables the forward ing of IPv4 management VLAN data ID for the identification of the IPv4 management VLAN 0 4096 Enables disables the administrative access web SNMP to
53. Pv4 client VLAN to a USB port gt E 64 62 myUTN User Manual Windows Device Settings Entering IPv4 Management VLANs Proceed as follows 1 Start the myUTN Control Center 2 Select NETWORK IPv4 VLAN 3 Configure the Pv4 management VLAN parameters siehe Tabelle 11 58564 Click Save to confirm The settings are saved A Tabelle 10 IPv4 management VLAN parameters Parameters Description IPv4 management VLAN Enables disables the forwarding of IPv4 management VLAN data VLAN ID ID for the identification of the IPv4 management VLAN 0 4096 IP Address IP address of the UTN server gt 37 Subnet mask Subnet mask of the UTN server gt 237 Access from any VLAN Enables disables the administrative access web SNMP to the UTN server via IPv4 client VLANs If this option is enabled the UTN server can be administrated via all VLANs The change in the SNMP access only becomes effective after a restart of the UTN server Access via LAN untagged Enables disables the administrative access to the UTN server via IPv4 packets without tag If this option is disabled the UTN server can only be administrated via VLANs Entering IPv4 client VLANs Proceed as follows 1 Start the myUTN Control Center 2 Select NETWORK IPv4 VLAN 63 myUTN User Manual Windows Device Settings 3 Configure the IPv4 VLAN parameters siehe Tabelle 11 5864 4 Click Save to confirm The settings are s
54. TN Control Center 2 Select NETWORK Email 3 Configure the POP3 parameters siehe Tabelle 7 245 4 Click Save amp Restart to confirm The settings are saved Tabelle 7 POP3 Parameters Parameters Description POP3 Enables disables the POP3 functionality POP3 Server name Defines the POP3 server via the IP address or the host name The host name can only be used if a DNS server was configured beforehand POPS Server port Defines the port used by the UTN server for receiving emails The port number 110 is preset When using SSL TLS enter 995 as port number POP3 Security Defines the authentication method to be used APOP SSL TLS When using SSL TLS the cipher strength is defined via the encryption level gt 284 POP3 Check mail every Defines the time interval in minutes for retrieving emails from the POP3 server myUTN User Manual Windows 45 Requirements myUTN User Manual Windows Network Settings Parameters Description POP3 Ignore mail Defines the maximum email size in Kbyte to be exceeding accepted by the UTN server 0 unlimited POP3 User name Defines the user name used by the UTN server to log on to the POP3 server POP3 Password Defines the password used by the UTN server to log on to the POP3 server Configuring SMTP M The UTN server is set up as user with its own email address on a SMTP server Proceed as follows Start the myUTN Control Center Select NETWORK
55. TN Control Center by a password so that the cer tificate on the UTN server cannot be deleted by unauthorized per sons see gt E87 Both self signed and externally signed certificates can be used with the UTN server The following certificates can be distinguished e Upon delivery a self signed certificate the so called default certificate is stored in the UTN server It is recommended that you replace the default certificate by a self signed certificate or requested certificate as soon as possible e Self signed certificates have a digital signature that has been created by the UTN server 93 Security e A requested certificate is created by a certification authority CA for the UTN server on the basis of a certificate request e CA certificates are certificates that have been issued for a certi fication authority CA They are used for verifying certificates that have been issued by the respective certification authority e S MIME certificates pem file are used to sign and encrypt the emails that are sent by the UTN server The corresponding private key must be installed as an own certificate in the PKCS 12 format as p12 file in the intended email program Microsoft Outlook etc Only then can the emails be verified and displayed in the case of encryption only myUTN 80 and later The following certificates can be installed at the same time in the UTN server 1 Self signed certificate 1 requested
56. USB port If the encryption is enabled the payload between the cli ents and the USB devices that are connected to the USB ports will be transferred in an encrypted way Tabelle 24 Parameter List USB port access only myUTN 80 and later Parameters Value Default utn_heartbeat 1 1800 180 1 4 characters 0 9 utn_accctrt_1 ids utn_accctrt_20 key Method keyids max 64 characters blank utn_keyval_1 a z A Z 0 9 utn_keyval_20 Key Description This parameter can only be used after consultation with the SEH support team Specifies methods for limiting the access and use of the USB port and the connected USB device no protection ids device assignment key port key control keyids device assignment and key control Specifies the key used to protect the access to the connected USB device 129 Appendix Parameter List Parameters Value Default Description utn_vendprodIDs Shows the VID Vendor ID 1 and PID Product ID of the USB device that is assigned utn_vendprodIDs to the USB port via the device _20 assignment USB device utn_2vlan_1 0 9 0 Allocates a VLAN to the USB 1 character port utn_2vlan_20 see gt 2124 0 every Allocate VLAN 1 VLAN 1 2 VLAN 2 etc 9 none Tabelle 25 Parameter List USB port Parameters Value Default Description utn_tag_1 max 32 characters blank Freely definable description of a z A Z 0 9 the USB po
57. UTN server has LEDs The LEDs of the UTN server provide infor mation about its status ay During the activation procedure the behavior of the LEDs differs from this description LED Action Color Description Link permanently on green There is a connection to the network permanently off There is no connection to the network Activity blinks at yellow Indicates the exchange of network data irregular packets intervals Status permanently off There is no connection to a USB port and the connected USB device CAUTION If the activity LED blinks periodically at the same time the BIOS mode is signalized The UTN server is not operational in the BIOS mode see gt 146 permanently on green There is a connection to at least one USB port and the connected USB device blinks 3 times green Indicates the assignment of a ZeroConf IP address NOTE We recommend using an IP address from outside the ZeroConf range blinks 2 times green Indicates the assignment of an IP address that does not correspond to 0 0 0 0 or that comes from outside the ZeroConf range ay The UTN servers myUTN 80 myUTN 250 and myUTN 800 have different LEDs Refer to the relevant Quick Installation Guide for a description of those LEDs myUTN User Manual Windows 142 Appendix Information shown in the display panel myUTN 800 only 8 4 Information shown in the display panel myUTN 800 only The Dongleserver myUTN 800 has a display panel at it
58. Windows Security validate the certificate After the mutual authentication was suc cessful the access to the network will be freed Since each device needs a certificate a PKI Public Key Infrastruc ture must be available User passwords are not necessary If you want to use the EAP TLS authentication you must observe the instructions below in the indicated order If this procedure is not adhered to the UTN server in the network may not be addressable In this case you have to reset the parameters of the UTN server see gt 2113 e Create a certificate request on the UTN server see gt 97 e Create a certificate using the certificate request and the authentication server e Install the requested certificate on the UTN server see gt 97 e Install the root CA certificate of the certification authority that has issued the certificate of the authentication server RADIUS on the UTN server see Installing the CA Certificate in the UTN Server gt 298 e Enable the authentication method EAP ILS on the UTN server Proceed as follows Start the myUTN Control Center Select SECURITY Authentication Select TLS from the Authentication method ist Select the root CA certificate from the list EAP root certificate Click Save amp Restart to confirm The settings are saved AAR WN SR Configuring EAP TTLS EAP TTLS Tunneled Transport Layer Security validates the identity of device
59. Working with the SEH UTN Manager 5 7 Howto Get Information about the USB Port and USB Device You can view the status information of the USB port and the USB device You can also configure automatic messages You will be noti fied when a USB port and the connected USB device become avail able after they have been in use O Displaying Status Information gt 1277 O Configuring Messages gt 77 Displaying Status Information MI The SEH UTN Manager complete version is installed on the client see gt E21 Mi The USB port is shown in the selection list see gt 167 Proceed as follows 1 Start the SEH UTN Manager 2 Select the USB port from the selection list The status information is displayed in the Properties area Configuring Messages MI The SEH UTN Manager complete version is installed on the client see 2821 M The USB port is shown in the selection list see gt 167 Proceed as follows 1 Start the SEH UTN Manager 2 Select the port from the selection list 3 Select Port Settings from the menu bar The Port Settings dialog appears 4 Tick the option under Messages 5 Click OK 77 What are Selection Lists Benefits and Purpose myUTN User Manual Windows Working with the SEH UTN Manager The setting will be saved As soon as a network participant disables the connection to the USB port and the connected USB device desktop alert will be
60. accept any liability for per sonal injuries property damages and consequential damages result ing from the non observance of the mentioned safety regulations and warnings SEH Computertechnik GmbH will not accept any lia bility for loss of data property damages and consequential damages resulting from the non observance of the mentioned safety regula tions and warnings The UTN serveris used in TCP IP networks myUTN allows you to access non network ready USB devices in the network The UTN server has been designed for use in office environments All uses of the device that do not comply with the myUTN function alities described in the documentation are regarded as improper uses It is not allowed to make modifications to the hardware and software or to try to repair the device Before starting the initial operation procedure of the UTN server please note the safety regulations in the Quick Installation Guide The Quick Installation Guide is enclosed in the packaging Read and observe all warnings mentioned in this document Warn ings are found before any instructions known to be dangerous They are presented as follows Warning myUTN User Manual Windows General Information 1 5 First Steps This section provides all the information that you need for a fast operational readiness Proceed as follows 1 2 Read and observe the security regulations in order to avoid damages to people and devices see 9812
61. ance of at least five channels should exist between two channels Keep yourself informed about national provisions regarding the use of WLAN products and only use authorized channels myUTN User Manual Windows 51 Network Settings Parameters Description Encryption method see WLAN Security gt 348 Authentication method see Authentication gt 49 Connecting the UTN Server to the Wired Network To establish a connection to a wired network connect the network cable RJ 45 to the UTN server The UTN server automatically switches to the wired network N myUTN User Manual Windows 52 What Information Do You Need myUTN User Manual Windows Device Settings 4 Device Settings e How to Determine a Description gt 53 e How to Assign an Identifier Shown in the Display Panel myUTN 800 only gt 1254 e How to Configure the Device Time gt 85 e How to Configure the UTN SSL Port gt e How to Assign a Name to a USB Port gt on mg 55 56 mg e How to Deactivate a USB Port only myUTN 80 and later gt B 57 eH mg w to Use the Notification Service only myUTN 80 and later 57 e How to Get Error Messages via the Display Panel myUTN 800 only gt 59 e How to Configure Acoustic Signals myUTN 800 only gt 60 ll e How to Use the UTN Server in VLAN environments only myUTN 80 and later
62. apter Informationen im Anzeigefeld nur myUTN 800 gt 143 Proceed as follows 1 Start the myUTN Control Center 2 Select Device Notification 3 In the Display panel area tick the options with the desired message types The settings are saved gt fe If there is no error state i e the UTN server is operational the iden tifier is displayed S154 507 B oyo The optional acoustic signals ideally complement the error messages in the display panel For further information see gt 62 4 9 How to Configure Acoustic Signals myUTN 800 only The myUTN 800 Dongleserver gives acoustic feedback when e a USB dongle is connected to the UTN server e the UTN server restarts e the parameters are reset These acoustic signals cannot be turned off Optionally further acoustic signals can be configured for when e only one power supply works e an SD card error exists read and write errors no SD card 60 myUTN User Manual Windows Device Settings Tez These optional acoustic signals ideally complement the error mes sages in the display panel gt 59 E Proceed as follows 1 Start the myUTN Control Center 2 Select Device Notification 3 In the Acoustic signal area tick the options with the desired message types The settings are saved 61 Benefits and Purpose What Do You Want To Do myUTN User Manual Windows Device Settings 4
63. at the password Click Save amp Restart to confirm The setting will be saved EARWN gt 6 3 Howto Control Access to the UTN Server TCP Port Access Control You can control the access to the UTN server To do so various TCP port types on the UTN server can be locked Network elements that have permission to access the UTN server can be defined as excep tions and excluded from locking The UTN server only accepts data packets from network elements defined as exceptions The port types to be blocked must be defined in the Security level area The following categorization can be selected e Lock UTN access locks UTN ports e Lock TCP access locks TCP ports HITP HTTPS UTN e Lock all locks IP ports In order to exclude network elements e g clients DNS server SNTP server from port locking they must be defined as exceptions To do so the IP addresses or MAC addresses hardware addresses of the net 87 Test Mode myUTN User Manual Windows Security work elements with access rights must be entered in the Exceptions area Please note e MAC addresses are not delivered through routers e The use of wildcards allows you to define subnetworks The test mode allows you to check the configured access protec tion If the test mode is activated access protection remains active until the UTN server is rebooted After restarting the protection is no longer effective The test mode optio
64. ating System Boot Auto Connect The feature automatically establishes a permanent connection to a USB port and the connected USB device without the need for a user to log on to the client The connection will be e activated upon the operating system startup and terminated when the system shuts down e automatically reestablished when the system restarts MI The SEH UTN Manager complete version is installed on the client see 921 MI The USB port is shown in the selection list see gt 67 M You are logged on to the system as administrator Proceed as follows 1 Start the SEH UTN Manager 2 Select the port from the selection list 72 Requirements myUTN User Manual Windows Working with the SEH UTN Manager 3 Select Port Settings from the menu bar The Port Settings dialog appears 4 Tick Activates the device automatically after the SEH UTN Manager program start Auto Connect 5 Click OK The setting will be saved Automatically Disconnect the Port Connection after the Time Defined Auto Disconnect This function allows you to automatically disconnect the connection to a USB port after the time defined A one off prolongation of the connection by the duration of the defined time can be optionally activated The settings apply to all USB ports on a UTN server Two minutes before the expiration of the defined time the user will receive a message telling them to close the connection to the USB por
65. aved Tabelle 11 IPv4 client VLAN parameters Parameters Description VLAN Enables disables the forwarding of IPv4 client VLAN data IP Address IP address of the UTN server within the IPv4 client VLAN Subnet mask Subnet mask of the UTN server within the IPv4 client VLAN VLAN ID ID for the identification of the IPv4 client VLAN 0 4096 Auto fill All VLAN IP address and Subnet mask fields will be filled with the values from line 1 The VLAN ID will be counted up by 1 Allocating an IPv4 client VLAN to a USB port Proceed as follows 1 Start the myUTN Control Center 2 Select SECURITY USB port access 3 Allocate a VLAN to the USB port via the Allocate VLAN list 4 Click Save to confirm The settings are saved 64 What Information Do You Need What Do You Want To Do myUTN User Manual Windows Working with the SEH UTN Manager 5 Working with the SEH UTN Manager e How to Find UTN Servers USB Devices in the Network gt 65 e How to Add UTN Servers USB Devices to the Selection List gt E67 e How to Connect a USB Port including USB Device to a Client 268 e How to Cut the Connection between the USB Port including USB Device and the Client gt I370 e How to Request an Occupied Device gt 271 jo mg Il e How to Automate Port Connections and Program Starts gt 72 e How to Get Information about the USB Port and USB Device
66. card is already inserted into the SD card reader and ready for use installation or formatting are not required By means of the backup the whole configuration can be quickly and easily loaded to other UTN servers e g when exchanging a UTN server Parameter values passwords and certificates will be loaded automatically from the SD card to a Dongleserver myUTN 800 after a cold start of the UTN server Displaying Parameter Values gt 111 Saving the Parameter File gt 2111 Loading the Parameter file onto the UTN Server 921112 Automatic backup myUTN 800 only gt 112 E O O O Displaying Parameter Values Proceed as follows 1 Start the myUTN Control Center 2 Select MAINTENANCE Parameter backup 3 Click the icon Q The current parameter values are displayed ay 3 A detailed description of the parameters can be found in the Parameterliste gt 2121 Saving the Parameter File Proceed as follows 1 Start the myUTN Control Center 2 Select MAINTENANCE Parameter backup 111 Requirements myUTN User Manual Windows Maintenance 3 Click the icon amp The current parameter values are displayed 4 Save the lt default name gt _parameters txt file on a local system with the help of your browser The parameter file is copied and secured Loading the Parameter file onto the UTN Server Proceed as follows Start the myUTN Control Center S
67. cast addresses choose one interface out of many A packet that is dedicated to an anycast address arrives at the nearest interface in line with the router metrics Anycast addresses are only used by routers Multicast addresses allow you to send data packets to different interfaces at the same time without a proportional increase of the bandwidth A multicast address can be recognized by the prefix ff Proceed as follows FAUN Start the myUTN Control Center Select NETWORK IPv6 Configure the IPv6 parameters siehe Tabelle 3 gt 40 Click Save amp Restart to confirm The settings are saved Tabelle 3 IPv6 Parameters Parameters Description IPv6 Enables disables the IPv6 functionality of the UTN server Automatic configuration Enables disables the automatic assignment of the IPv6 address for the UTN server 40 Network Settings myUTN User Manual Windows Parameters Description IPv6 address Defines a UTN server IPv6 unicast address assigned manually in the format n n n n n n n n Every n represents the hexadecimal value of one of the eight 16 bit elements of the address An IPv6 address may be entered or displayed using a shortened version when successive fields contain all zeros 0 In this case two colons are used Router Defines the IPv6 unicast address of the router The UTN server sends its Router Solicitations RS to this router Prefix length Defines the length of the subnet prefi
68. ceed as follows 1 Start the myUTN Control Center 2 Select DEVICE USB port 3 Enter the preferred name into the Port name field 4 Click Save amp Restart to confirm 56 Benefits and Purpose myUTN User Manual Windows Device Settings The settings are saved 4 6 Howto Deactivate a USB Port only myUTN 80 and later You can enable or disable a USB port This is done by interrupting and re establishing the power supply The power supply for the USB ports is enabled by default Disable unused USB ports in order to ensure that unwanted USB devices cannot be connected to the network This function also allows you to turn a USB device off and on again without having to manually remove or reconnect it USB devices that are in an undefined state can be restarted by interrupting and re establishing the power supply of the USB port Proceed as follows 1 Start the myUTN Control Center 2 Select DEVICE USB port 3 Tick clear the option in front of the USB port 4 Click Save amp Restart to confirm The power supply of the USB port is established or interrupted 4 7 Howto Use the Notification Service only myUTN 80 and later You can get notifications in the form of emails or SNMP traps from the UTN server By means of these notifications up to four recipients can be informed about various events irrespective of time and loca tion The following message types are possible e The status email perio
69. certificate 1 32 CA certifcates 1 PKCS 12 certificate 1 S MIME certificate only myUTN 80 and later You can also generate a certificate request for a CA certificate All certificates can be deleted separately Client certificates status Self signed certificate Installed Q B Client certificate Not installed Certificate request Not generated S MIME certificate Not installed CA certificates status Owner Issuer EAP Common name Hash Common name Hash Root Abb 15 myUTN Control Center Certificates myUTN User Manual Windows 94 What Do You Want To Do Requirements myUTN User Manual Windows Security O Displaying Certificates 1295 Creating a Self Signed Certificate gt 95 Creating a Certificate Request for a Requested Certificate gt 97 Installing the Requested Certificate in the UTN Server gt 97 Installing the CA Certificate in the UTN Server gt 98 Installing the PKCS 12 Certificate in the UTN Server gt 98 Saving S MIME Certificates in the UTN Server only myUTN 80 and later gt 2199 O Deleting Certificates gt 100 OO mg OoOoadda Displaying Certificates Certificates installed on the UTN server and certificate requests can be displayed and viewed M A certificate is installed on the UTN server Proceed as follows 1 Start the myUTN Control Center 2 Select SECURITY Certificates 3 Select the ce
70. connection for some automatisms can be automatically disconnected 572 O Cutting the Device Connection via the SEH UTN Manager gt 70 O c D ting the Device Connection via the myUTN Control Center 70 mH S Cutting the Device Connection via the SEH UTN Manager M The SEH UTN Manager complete version is installed on the client see 2821 MI The USB port is shown in the selection list see gt 67 MI The USB port is connected to your client Proceed as follows 1 Start the SEH UTN Manager 2 Select the port from the selection list 3 Select Port Deactivate from the menu bar The connection will be deactivated Cutting the Device Connection via the myUTN Control Center E Proceed as follows 1 Start the myUTN Control Center 2 Select START 3 Choose the active connection from the Attached devices list and click the amp icon 70 Working with the SEH UTN Manager 4 Confirm the security query The connection will be deactivated 5 5 How to Request an Occupied Device You can request a USB device that is being actively used by another user To this purpose send a release request for the USB port to which the USB device is connected The other user will be informed about your request via a popup win dow The user can then terminate the connection to the USB port When the USB port is shared the connection between the USB port and your client will be establishe
71. ctly to the client should have been met on the client Ideally the USB device has been connected and operated on the client locally according to the instructions of the manufacturer 68 Working with the SEH UTN Manager Mi The USB port is not connected to another client Proceed as follows Start the SEH UTN Manager 1 2 Select the port from the selection list 3 Select Port Activate from the menu bar The connection will be established myUTN User Manual Windows Activate Deactivate Deactivate Request Remove Create UTN Action g Settings Properties Port name USB flash drive Port number 1 Port status Available Additional features Encryption off Automatisms Auto Connect Off Devices connected gt Name Alcor Micro Corp Flash Drive Activates the selected port Abb 11 SEH UTN Manager Activating the Device 69 What Do You Want To Do Requirements myUTN User Manual Windows Working with the SEH UTN Manager 5 4 Howto Cut the Connection between the USB Port including USB Device and the Client Close the connection to the USB port and the connected USB device when the USB device is no longer needed This allows other network participants to access the USB port and the connected USB device Usually the connection is cut by the user via the SEH UTN Manager The administrator can also cut the connection via the myUTN Con trol Center In addition the
72. d automatically Requirements MM The SEH UTN Manager complete version is installed on the client see gt 221 MI The SEH UTN Manager complete version is installed on the client of the user who uses the USB device see gt E21 MI The SEH UTN Manager complete version is executed on both clients MI The USB port is shown in the selection list see gt 167 M The USB port is connected to another client Proceed as follows 1 Select the port from the selection list 2 Select Port Request from the menu bar The release request will be sent myUTN User Manual Windows 71 What Do You Want To Do Requirements myUTN User Manual Windows Working with the SEH UTN Manager 5 6 Howto Automate Port Connections and Program Starts You can automate the connections to USB ports including con nected USB devices and program starts in many ways This is done by various automatisms O Permanent Port Connection after Operating System Boot Auto Connect S372 O Automatically Disconnect the Port Connection after the Time Defined Auto Disconnect gt 873 O Automatically Creating a Connection between the USB Port and the Client when a Print Job is Received Print On Demand gt 874 O Creating a UTN Action Automated Port Connections and Program Starts without the SEH UTN Manager Interface 875 O Using the Additional Tool utnm gt B150 Permanent Port Connection after Oper
73. dates an existing SEH UTN Manager If no SEH UTN Manager is installed it will be installed using the default installation settings V1 Enables command line logging Provides installation information to help troubleshoot installation issues V2 Creates a log file in the installation directory Provides installation information to help troubleshoot installation issues V3 Enables command line logging and creates a log file in the installation directory Provides installation information to help troubleshoot installation issues Le Shows the help page ay The capitalization of the commands is mandatory myUTN User Manual Windows 26 myUTN User Manual Windows Administration Methods Programm Start To start the SEH UTN Managers double click the SEH UTN Manager icon The icon is found on the desktop or the Windows start menu Start gt All Programs gt SEH Computertechnik GmbH gt SEH UTN Manager Changing Versions If the minimal oder complete version of the SEH UTN Manager is already installed on your system and you want to change to the other version you must first uninstall the existing version Update You can get information about the update status of the SEH UTN Manager If an update is available the installation file can be copied to the computer and the program can be installed In the case of updates the default settings are modified according to the existing version Program Structure Afte
74. dically informs the recipient about the status of the UTN server and the connected USB devices 57 What Do You Want To Do Requirements myUTN User Manual Windows Device Settings e The event notification informs you about a specific event on the UTN server via email or SNMP trap The event can be 0 6 0 6 0 C The restart of the UTN server The connection disconnection of a USB device to from the UTN server The activation deactivation of a USB port The interruption or establishment of power supply myUTN 800 only The connection disconnection of a SD card to from the UTN server myUTN 800 only The unusability of an SD card myUTN 800 only onfiguring the sending of status emails gt 58 onfiguring event notifications via email gt 59 onfiguring event notifications via SNMP traps gt 259 Configuring the sending of status emails Mi SMTP parameters have been configured on the UTN server see S MA B44 DNS server has been configured on the UTN server see 91241 For the notification service you can specify up to two email recipi ents Proceed as follows EMAARWN gt Th Start the myUTN Control Center Select Device Notification Enter the recipient into the Email address box Tick the desired recipient in the Status email area Specify the interval Click Save amp Restart to confirm e settings are saved 58 Requirements myUTN User Man
75. dified An S MIME certificate is required for the signing of emails 293 SMTP Full encryption Defines the encryption of emails Only the recipient can open and read the encrypted email An S MIME certificate is required for the encryption gt 293 SMTP Attach public key Sends the public key together with the email Many email clients require the public key to be attached in order to view the emails myUTN User Manual Windows 47 Network Settings 3 7 Howto Configure WLAN myUTN 54 only The UTN server model myUTN 54 can handle WLAN This allows you to wirelessly operate the UTN server in the network Whatis WLAN WLAN is a radio technology that allows you to establish wireless connections between network components The WLAN technology is defined as a standard of the IEEE 802 11 family The myUTN 54 sup ports the standards IEEE 802 116 802 11g and IEEE 802 11n To make use of the radio technology the myUTN 54 has additional parameters gt 51 You can view the current WLAN settings in the myUTN Control Center under the menu item NETWORK WLAN Connection Status The following icons in the myUTN Control Center indicate the cur rent connection status UTN server in the wireless network P lt UTN server in the wired network WLAN Security Make sure that no unauthorized user logs on to the Wireless LAN and that no one has access to the Internet or network resources Your UTN server offers several security mechanisms
76. ding USB Device to a Client A USB device that is connected to the UTN server can be connected to the client To this purpose the user establishes a connection between the client and the USB port of the UTN server to which the USB device is connected The USB device can then be used by the client as if the USB device was directly connected to the client When connecting certain USB devices to a USB port of the UTN server the selection list displays several USB devices on this port These are so called compound USB devices They consist of a hub and one or more USB devices that are all integrated into a single housing If the connection is established to a port with a connected com pound USB device all USB devices shown will be connected to the user s client In this case each integrated USB device occupies a vir tual USB port of the UTN server The number of these virtual USB ports is limited depending on the UTN server model If the limit is reached no further USB devices can be used on this UTN server Tabelle 12 Virtual USB ports Number of virtual Number of virtual UTN server USB ports UTN server USB ports myUTN 50a 6 myUTN 250 12 myUTN 54 8 myUTN 800 40 myUTN 80 16 MI The SEH UTN Manager complete version is installed on the client see 29821 Mi The USB port is shown in the selection list see gt 67 M All provisions driver installation etc necessary to operate the USB device locally i e connected dire
77. e User Specific Selection List gt 79 The administrators share one selection list 81 Requirements myUTN User Manual Windows Working with the SEH UTN Manager Providing Users with a Predefined Selection List MI The SEH UTN Manager complete version is installed on the client see 2821 MI You are logged on to the system as administrator Proceed as follows 1 Start the SEH UTN Manager 2 Compose the selection list for the user see How to Add UTN Servers USB Devices to the Selection List 3867 3 Select Program Options from the menu bar The Options dialog appears 4 Select the Selection List tab 5 Tick User selection list 6 Click OK The setting will be saved 7 Select Selection List Export from the menu bar The Export to dialog appears 8 Save the file SEH UTN Manager ini using the following path SAPPDATAS SEH Computertechnik GmbH SEH UTN Manager ini See User Specific Selection List gt 79 Each user has access to their own predefined selection list Protecting the user specific selection list When using predefined user specific selection lists we recommend protecting the selection list against modifications by the user The selection list of a user is stored as SEH UTN Manager ini file in the following location SAPPDATAS SEH Computertechnik GmbH SEH UTN Manager ini See User Specific Selection List gt 79 Use the contr
78. e BIOS mode if the firmware functions well but the software is faulty This may happen in the case of an incorrect software update for example The UTN server signalizes the BIOS mode if e the activity LED yellow blinks periodically and e the status LED green is not active The UTN server is not operational in the BIOS mode If the UTN server is in the BIOS mode the filter BIOS Mode will be created automatically in the device list of the InterCon NetTool The UTN server will be displayed within this filter myUTN User Manual Windows 146 Appendix Troubleshooting Ter File Filter Actions Installation Search Extras Help gt gi eae h IF PREBIF ARP Naas Nano 169 254 126 032 myUTN 80 1180813 16 ICOD1FOB IP 010 168 000 000 Abb 19 InterCon NetTool UTN Server in BIOS Mode The software must be loaded on the UTN server so that the UTN server can switch from the BIOS mode to the normal mode Proceed as follows 1 Start the InterCon NetTool 2 Select the UTN server from the device list You will find the UTN server under the filter BIOS Mode 3 Select Installation IP Wizard The IP Wizard is started 4 Follow the instructions of the wizard in order to assign an IP address to the UTN server The IP address is saved Carry out a software update on the UTN server see 938115 The software will be saved in the UTN server The UTN server switches to th
79. e WIN server port number Automatically activates the port connection if the USB device is connected to the USB port but not in use getlist UIN server Shows an overview of the USB devices including port number vendor ID product ID manufacturer name product name device class and status that are connected to the UTN server state UTN server port number Displays the status of the USB device connected to the USB port h or Shows the help page help myUTN User Manual Windows 153 myUTN User Manual Windows Appendix Additional Tool utnm Command Description k USB port key Specifies a USB port key or In the course of the port key control a key is specified for key USB port key the USB port via the myUTN Control Center so that the USB device that is connected to the USB port is protected against unwanted access gt 86 In order to gain access to this USB device the appropriate key must be entered mr or Separates the output of the command string getlist with machine readable tabulators nw or Suppresses warning messages no warnings o or Shows the output in the command line output p port number or Uses an alternative UTN port port port number Client and UTN server communicate via the UTN port If a non default UTN port has been be defined 252 this command is to be used qor Suppresses the output quiet sp port number or Uses an alternative UTN port with SSL encryptio
80. e WLAN myUTN 54 only e cence eee 48 4 Device Settings i ccsss cdiv reese eevee ede eve secares ees 53 4 1 How to Determine a Description cece eee eee eee eee 53 4 2 How to Assign an Identifier Shown in the Display Panel myUTN 800 only 2 c2ccaceces seeseuenee ieee cssceaee ee eareiecren 54 4 3 How to Configure the Device Time cece cece eet eee eee 55 4 4 How to Configure the UTN SSL Port ccc eee e cence eee nee 55 4 5 How to Assign a Name to a USB Port cece eee eee eens 56 4 6 How to Deactivate a USB Port only myUTN 80 and later 57 4 7 How to Use the Notification Service only myUTN 80 and later 57 4 8 How to Get Error Messages via the Display Panel MyUTN 800 Only o ccc scccsscersenracortceusicocteneseneeieerses 59 4 9 How to Configure Acoustic Signals myUTN 800 only 60 myUTN User Manual Windows 3 4 10 How to Use the UTN Server in VLAN environments only myUTN 80 and later neo ccd set ceekiespabeeeeeed inte cieke cseaeees 62 5 Working with the SEH UTN Manager eeeee 65 5 1 How to Find UTN Servers USB Devices in the Network 65 5 2 How to Add UTN Servers USB Devices to the Selection List 67 5 3 How to Connect a USB Port including USB Device to a Client 68 5 4 How to Cut the Connection between the USB Port including USB Device and the Client cece cece eee eee ence eee enes 70 5 5 How to R
81. e normal mode n myUTN User Manual Windows 147 Possible Cause Possible Cause Possible Cause myUTN User Manual Windows Appendix Troubleshooting Some functions in the SEH UTN Manager are hidden enabled or appear dimmed O Your user account does not have the required administrative rights This leads to restricted user rights in the SEH UTN Manager see SEH UTN Manager Function Overview gt 21144 O A function is not supported by the connected USB device e g the Print On Demand feature is not supported by a hard disk Start the SEH UTN Manager as administrator For more information refer to the documentation of your operating system USB devices are not shown in the SEH UTN Manager Eliminate possible error sources Check first if the USB device is con nected to the UTN server O The SEH UTN Manager and the firmware software on the UTN server are incompatible Update the SEH UTN Manager gt 28 and the firmware software 98115 O Several compound USB devices 122 are connected to the UTN server Each integrated USB device occupies a virtual USB port of the UTN server The number of these virtual USB ports is limited depending on the UTN server model If the limit is reached no further USB devices can be used on this UTN server gt 2165 The SEH UTN Manager displays several USB devices at one USB port O The connected USB device is a so called compound USB device It consist
82. efined as user with user name and password on a RADIUS server E Proceed as follows 1 Start the myUTN Control Center 2 Select SECURITY Authentication 3 Select PEAP from the Authentication method ist 4 Enter the user name and the password that are used for the configuration of the UTN server on the RADIUS server 5 Select the settings intended to secure the communication in the TLS channel 6 To make the connection more secure you can also install the root CA certificate of the certification authority that has issued the certificate of the authentication server RADIUS on the UTN server see Installing the CA Certificate in the UTN Server PBIB Afterwards select the root CA certificate from the list EAP root certificate 105 Benefits and Purpose Mode of Operation myUTN User Manual Windows Security 7 Click Save amp Restart to confirm The settings are saved Configuring EAP FAST EAP FAST Flexible Authentication via Secure Tunneling validates the identity of devices or users before they gain access to network resources You can configure the UTN server for the EAP FAST net work authentication This ensures that the UTN server gets access to protected networks EAP FAST uses as in the case of EAP TTLS see 8103 a channel in order to protect the data transfer The main difference is that EAP FAST does not require certificates for authentication purposes The use of certificates is
83. elect MAINTENANCE Parameter backup Click Browse Specify the lt default name gt _parameter txt file Click Import The parameter values in the file are applied to the UTN server EFaARWN DS myUTN 800 If you want to load the parameter values and certifi cates from an automatic backup on an SD card perform a cold start of the UTN server interrupt and re establish the power supply Automatic backup myUTN 800 only M An SD card is connected to the UTN server M The SD card has the file system FAT12 FAT16 or FAT32 MI 1 MB of free space is available on the SD card Proceed as follows Start the myUTN Control Center Select MAINTENANCE SD card Tick Parameter backup Click Save amp Restart The settings are saved 112 When is Resetting Recommended What Do You Want To Do myUTN User Manual Windows Maintenance 7 2 Howto Reset the UTN Parameters to their Default Values It is possible to reset the UTN Server s parameters to the default val ues factory settings All previously configured parameter values will be deleted in this process Installed certificates will not be deleted a B 7 If you reset the parameters the IP address of the UTN server may change and the connection to the myUTN Control Center may be terminated You must reset the parameters for example if you have changed the location of the UTN server and if you want to use the UTN server in a different
84. equest an Occupied Device cece cece eee eens 71 5 6 How to Automate Port Connections and Program Starts 72 5 7 How to Get Information about the USB Port and USB Device 77 5 8 How to Manage Selection Lists for Several Participants 78 6 SGCUILY ceri vadrwcksicankinatcokh aihthawereeehentndens 83 6 1 How to Define the Encryption Level for SSL TLS Connections 84 6 2 How to Control the Access to the myUTN Control Center 86 6 3 How to Control Access to the UTN Server TCP Port Access Control 87 6 4 How to Control Access to USB Devices only myUTN 80 and later 89 6 5 How to Block USB Device Types cece cece eee e cence eeeenee 92 6 6 How to Use Certificates Correctly ccc cece cece eee e erren 93 6 7 How to Use Authentication Methods cece eee eee ee 101 6 8 How to Encrypt Data Transfer cece cece eee n eee e eens 108 7 Maintenance decry waa ceseenew eee eamewieareewalss 110 7 1 How to Secure UTN Parameters BackUp e cece eee eee 110 7 2 How to Reset the UTN Parameters to their Default Values 113 7 3 How to Perform an Update ccc cece cece een eee eee en ees 117 7 4 How to Restart the UTN Server cece cece cece eee e een eenes 118 8 AD DENIM vio nsv 000 955 Vee RO Ne VON Ue Habe ekir arias ves 119 8 1 Glossa nc icicssarediwvicasksdekedtncdatacdencdsaeeticceviedens 120 8 2 Parameter Listas ciecenilucacscie
85. er of the email Email address of the UTN server as configured on the POP3 server myutn company com Subject cma get parameters j TO Command Abb 5 Administration via Email Example 1 Example2 This email configures the parameter Description on the UTN server Email address of the UTN 7 server as configured on the To myutn company com POP3 server f 7 Subject cmd set parameters Command TAN nUn47ir79Ajs7 QKE AN Parameter and parameter value Abb 6 Administration via Email Example 2 myUTN User Manual Windows 34 myUTN User Manual Windows Administration Methods 2 5 Administration via the Reset Button of the Device LEDs the reset button and various ports can be found on the UTN server These components are described in the Quick Installation Guide Using the reset button you can reset the UTN server s parameter val ues to their default setting see gt 2114 The Dongleserver myUTN 800 also has a restart button for rebooting the UTN server see 12118 35 What Information Do You Need What Do You Want To Do myUTN User Manual Windows Network Settings 3 Network Settings mg 36 39 e How to Configure IPv4 Parameters gt mg e How to Configure IPv6 Parameters gt e How to Configure the DNS gt 241 e How to Configure SNMP gt 9B42 e How to Configure Bonjour gt 43
86. ers Table of Contents 1 General Information cece cece cece cece eee eeees 6 Tel WVU oso sien vkion rinse pern skee reese Nee raa raare rai 6 1 2 Documentation ess sesar nessen anii rash enten E EEEE 8 1 3 Support and Service ssusssunssesunssernsernserrrrssrrsreee 11 TA Your Safety 2 2 22 deccheeenrySateeahiad kini E Diea EEEE OE EAA 12 1 5 First StepSiusesesisuisie noia ai noae Va O edd a E iE 13 1 6 Saving the IP Address in the UTN Server ccc e cence eee nee 14 2 Administration Methods ce ee eece cece eens 18 2 1 Administration via myUTN Control Center ce eee eee ee 19 2 2 Administration via the SEH UTN Manager 0ceeeeeeeeee 21 2 3 Administration via InterCon NetTOOl 00 e cece eee eee es 30 2 4 Administration via E Mail only myUTN 80 and later 32 2 5 Administration via the Reset Button of the Device 35 3 Network Settings ssssesssessessscesessecesesee 36 3 1 How to Configure IPv4 Parameters c cece cece eee eee ees 36 3 2 How to Configure IPv6 Parameters cece cece cence nee nees 39 3 3 How to Configure the DNS sssisscsdssacdess ov tess seees dened cease 41 3 4 How to Configure SNMP cece cence cence ete nee n een eenees 42 3 5 How to Configure Bonjour ccc cece e eee tence ee eenee 43 3 6 How to Configure POP3 and SMTP only myUTN 80 and later 44 3 7 How to Configur
87. esigned as an electronic document for screen use Many programs e g Adobe Reader offer a book myUTN User Manual Windows 8 Terminology Used in this Document myUTN User Manual Windows General Information mark navigation feature that allows you to view the entire docu ment structure This document contains hyperlinks to the associated information units If you want to print this documentation we recommend using the printer setting Duplex or Booklet The explanation of technical terms used in this document is summa rized in a glossary The glossary provides a quick overview of techni cal matters and background information see gt 118 Symbols and Conventions myUTN User Manual Windows General Information A variety of symbols are used within this document Their meaning is listed in the following table Tabelle 1 Conventions within the documentation Symbol Convention A __ Warning Note Proceed as follows 1 Mark Confirmation M Requirements O Option DE Bold Courier Proper names Description A warning contains important information that must be heeded Non observance may lead to malfunctions A notice contains information that should be heeded The hand symbol marks the beginning of instructions Individual instructions are set in italics The arrow confirms the consequence of an action Hooks mark requirements
88. ests in a text file 7 Click OK 8 Send the text file as certificate request to a certification authority When the requested certificate has been received it must be installed in the UTN server see gt 97 TAMYN Installing the Requested Certificate in the UTN Server M A certificate request has been created at an earlier date see gt 297 M The certificate must be in base64 format Proceed as follows 1 Start the myUTN Control Center 2 Select SECURITY Certificates 3 Click Requested certificate 4 Click Browse 97 Requirements myUTN User Manual Windows Security 5 Specify the requested certificate 6 Click Install The requested certificate will be installed in the UTN server Installing the CA Certificate in the UTN Server In order to check the identity of the communicating parties of the UTN server it is necessary to validate their certificates For this the root CA certificates of the certification authorities that have issued the certificates of said communicating parties are installed on the UTN server Up to 32 CA certificates can be installed Thus multi level public key infrastructures PKls are supported Example The UTN server offers a number of authentication methods to verify its identity in a network If you use the authentication method EAP TLS 102 you must install the root CA certificate of the certification authority that has issued the certificate of the au
89. gh Only cipher suites with a strong encryption of 128 to 256 bit are used Slow connection Do not use the encryption level Low if only HTTPS is defined as the permitted connection type for the web access to the myUTN Control Center Proceed as follows 1 Start the myUTN Control Center 2 Select SECURITY SSL connections 3 Select the desired encryption level from the Encryption area 4 Click Save amp Restart to confirm The setting will be saved Detailed information about the individual SSL connection status e g cipher suites can be found on the Details page at SSL connec tion status Details myUTN User Manual Windows 85 Security What Do You Want To Do Types of Connection HTTP HTTPS myUTN User Manual Windows 6 2 Howto Control the Access to the myUTN Control Center You can protect the administrative access to the myUIN Control Center by user profiles O Specifying the Permitted Web Connection Type gt 286 O Protecting the web access via password gt 87 C The myUTN Control Center can also be protected by the SNMP secu rity concept For further information see e How to Configure SNMP gt 42 e How to Use the UTN Server in VLAN environments only myUTN 80 and later gt 62 Specifying the Permitted Web Connection Type The web access to the myUIN Control Center can be secured by selecting the permitted types of connection HTTP HTTPS
90. gt 32 Administration Methods Security with TAN Parameter Changes myUTN User Manual Windows The following commands are supported Commands 07o ioli Description lt command gt get status Sends the status page of the UTN server get parameters Sends the parameter list of the UTN server set parameters Sends parameters to the UTN server The syntax and values can be obtained from the parameter list see gt 8121 Parameter and value must be entered into the email body update utn Carries out an automatic update using the software that is attached to the mail help Sends a page containing information about the remote maintenance lt comment gt Freely definable text for descriptions The following applies for the instructions e not case sensitive e one or more space characters are allowed e max length is 128 byte e only the ASCII format can be read You will need a TAN for updates or parameter changes on the UTN server You will get a current TAN from the UTN server via email e g when receiving a status page Enter the TAN into the first line of the email body A space character must follow Parameter changes are integrated into the email body with the fol lowing syntax lt parameter gt lt value gt The syntax and values can be obtained from the parameter list see gt 2121 33 Administration Methods Example 1 This email causes the UTN server to send the parameter list to the send
91. gt B77 e How to Manage Selection Lists for Several Participants gt 178 5 1 Howto Find UTN Servers USB Devices in the Network In order to display the existing UTN servers and their connected USB devices in the network list the network needs to be scanned The network can be scanned via multicast and or freely definable ranges The default setting is multicast search in the local network segment O Defining Search Parameters gt B66 O Scanning the Network gt 66 65 Working with the SEH UTN Manager Defining Search Parameters Requirements M The SEH UTN Manager complete version is installed on the client see E21 Proceed as follows 1 2 FNA D Start the SEH UTN Manager Select Program Options from the menu bar The Options dialog appears Select the Network Scan tab Tick IP Range Search and define one or more network ranges Click OK The settings are saved Scanning the Network Requirements M The SEH UTN Manager complete version is installed on the client see 29821 Proceed as follows 1 2 3 myUTN User Manual Windows Start the SEH UTN Manager Select Selection List Edit from the menu bar The Edit Selection List dialog appears Click Sean The network is scanned The UTN servers and USB devices found are displayed in the network list 66 Working with the SEH UTN Manager 5 2 Howto Add UTN Servers USB Devices to the Select
92. hared Key PSK The PSK is a password with 8 63 alphanumerical characters The Enterprise Mode uses the EAP authentication method An individual 128 bit key is used for data encryption after the authentication The encryption methods TKIP Temporal Key Integ rity Protocol and AES Advanced Encryption Standard are available for the encryption of data You can check the identity of a device or user by means of an authentication method before they gain access to resources in the network The UTN server offers different variants of EAP Extensible Authentication Protocol as authentication method For further information see How to Use Authentication Methods gt 101 O Using the UTN Server myUTN 54 in a Wireless Network gt 49 O Connecting the UTN Server to the Wired Network gt 52 Using the UTN Server myUTN 54 in a Wireless Network To operate the UTN server in a wireless network the WLAN and security settings of the UTN server must match those of the wireless network 49 Requirements myUTN User Manual Windows Network Settings In order to configure the UTN server you must first establish a con nection to a wired network by means of the network connector RJ 45 see Quick Installation Guide Mi The UTN server is connected to the network and the mains voltage M The UTN server is known to the wired network via its IP address see D2814 Proceed as follows Start the myUT
93. he UTN server in the selection list and select UTN Server Configure from the menu bar myUTN User Manual Windows 19 Structure of the myUTN Control Center myUTN User Manual Windows Administration Methods seh myUTN Control Center 192 168 0140 index_en html myut ControlCenter START NETWORK DEVICE SECURITY MAINTENANCE q myUTN 80 UTN server Network ICOD1FOB ES cron Default name IC0D1F0B IP address 192 168 0 140 nee Serial number 25020110900016 Subnet mask 255 255 255 0 E Deutsch Host name Gateway 192 168 0 4 BE Fran ais Software 1414 UTN port 9200 EE Espa ol aiaa aR Description BE ttatiano Ea E Portugu s Date Time 2014 02 10 10 50 28 Aas ME aitt MB sare Status Le 30 No device connected Attached devices 0 16 No device connected No device connected No device connected No device connected No device connected No device connected No device connected Copyright 2014 SEH Computertechnik GmbH Abb 2 myUTN Control Center START The available menu items are located in the navigation bar top After selecting a menu item simple mouse click the available sub menu items are displayed at the left After selecting a submenu item the corresponding page with its content is displayed at the right You can set the language via the menu item START Simply select the relevant flag The manufacturer s contact details and additional information regarding the product are displayed u
94. hown as inactive or not shown at all This depends on e the embedded UTN server model e the type and location of the selection list e the user s rights on the client e the settings of the product specific security mechanisms e the operating system of the client 2m For further information see SEH UTN Manager Funktions ber sicht 92144 myUTN User Manual Windows 29 Program Start myUTN User Manual Windows Administration Methods 2 3 Administration via InterCon NetTool The InterCon NetTool is a software that has been developed by SEH Computertechnik GmbH for the administration of SEH network devices print server TPG ISD UTN server etc Depending on the network device you can configure various features via the Inter Con NetTool After the InterCon NetIool The network range to be scanned is freely definable All network devices found will be displayed in the device list You can modify the device list and adapt it to your individual needs You can mark and configure the devices in the device list Installation In order to use the InterCon NetIool the program must be installed on a computer with Windows operating system The installation file of the InterCon NetTool can be found on the SEH Computertechnik GmbH homepage http www seh technology com services downloads myutn html The installation file is available as exe for Windows systems Proceed as follows 1 Start the InterCon NetT
95. ility of all UTN servers in the network and establishes a connection between the client and the USB port including the con nected USB device myUTN has been designed for the use in TCP IP based networks The SEH UTN Manager has been designed for the use in the following systems General Information e Windows XP and later e Mac OSX 10 8 x OS X 10 9 x e Ubuntu 12 04 x LTS 64 bit Ubuntu 14 04 x LTS 64 bit or Oracle 64 bit Linux 6 5 with Linux kernel 2 6 32 or higher glibc 2 11 1 or higher and OpenSSL 1 0 1 or higher ay This document describes the usage in Windows environments Infor mation about the usage in other environments can be found in the relevant system specific User Manual For further information see Documentation gt B8 Procedure and Basic After the SEH UTN Manager is started the network will be scanned Functions for connected UTN servers The network range to be scanned is freely definable All UTN servers found will be shown in the network list together with the connected USB devices The required UTN servers will be selected and added to the selection list The UTN servers listed in the selection list can then be used by the user To use a USB device the user establishes a connection between the client and the USB port of the UTN server to which the USB device is connected IT devices industrial devices entertainment pum devices UTN server a Abb 1 UTN Server in
96. ill guide you through the process of creating a UTN Action The following UTN Actions can be created e UTN Actions which activate and deactivate the device The wizard will automatically create one UTN Action for the activation and one UTN Action for the deactivation of the USB port and the connected USB device Both UTN Actions will be saved to the desktop e UTN Action which starts an application and activates the device After the selection of an application by the user the wizard will automatically create a UTN Action which starts an application and activates the USB port and the connected USB device Additionally you can specify a port deactivation after the closing of the application e Custom UTN Action Experts only With the help of the wizard a custom UTN Action can be created You can create UTN Actions for the activation and deactivation of the USB port and the connected USB device You can define additional options Ascript for starting the application and activating the USB port and the connected USB device Additionally you can specify a delay for the start of the application the deactivation of the USB port after the closing of the application and additional options Finally the complete UTN Action will be created automatically by the SEH UTN Manager and saved by the user Requirements M The SEH UTN Manager complete version is installed on the client see gt E21 Mi The USB port is shown in the selection lis
97. ion List The UTN servers found during the network scan will be displayed in the network list To use the connected USB devices they must be assigned to the selection list in the SEH UTN Manager together with the UTN server Requirements The SEH UTN Manager complete version is installed on the client see 29821 MI The UTN server was recognized during the network scan and is displayed in the network list Proceed as follows 1 2 Start the SEH UTN Manager Select Selection List Edit from the menu bar The Edit Selection List dialog appears Select the UTN server to be used from the network list Click Add Repeat steps 2 and 3 if necessary Click OK The UTN servers and the connected USB devices are displayed in the selection list xi Edit Selection List Put together a selection list with your preferred devices Network List a selection List a 192 168 0 140 192168 0 140 USB flash drive Port 1 USB flash drive Port 1 a e myutn 80 Company 10 168 1 167 Dongle Port 1 Dongle Port 2 Add gt Abb 10 SEH UTN Manager Edit Selection List To directly add a UTN server with a known IP address to the selection list select UTN Server Add from the menu bar myUTN User Manual Windows 67 Working with the SEH UTN Manager Special Case Compound USB Device Requirements myUTN User Manual Windows 5 3 Howto Connect a USB Port inclu
98. ireless network is SSID referred to as SSID Service Set Identifier or network name Each wireless LAN has a configurable SSID in order to clearly identify the wireless network The SSID is configured in the access point of a Wireless LAN Each device PC UTN server etc that is intended to have access to the wireless network must be configured using the same SSID Roaming Enables disables the use of roaming Roaming refers to the moving of one radio cell to the next The UTN server will use the access point that has the strongest signal If the UTN server moves towards the sphere of another access point the UTN server switches automatically and without loss of connection to the next radio cell The parameter Roaming can only be configured in the Infra structure mode Roaming level Defines the transmission power in dBm of the UTN server The value 65 dbm is preset The parameter Roaming Level can only be configured in the Infrastruc ture mode Channel Defines the channel frequency range on which the Frequency range entire data communication will be transmitted The prod uct uses the 2 4 GHz ISM band A channel has a band width of 22 MHz The distance between two neighboring channels is 5 MHz Channel 3 is preset The parameter Channel can only be configured in the Ad Hoc mode Neighboring channels overlap which can lead to interfer ences If several WLANs are operated in a small radius a dist
99. isconnected trap_sdunusable Send trap if SD card cannot be used mailto_1 mailto_2 Email address Value valid IP address max 64 characters a z A Z 0 9 on off on off on off on off on off on off valid email address max 64 characters Default 0 0 0 0 public off off off off off off blank Description Defines the SNMP trap address of the recipient Defines the SNMP trap community of the recipient Enables disables the sending of SNMP traps after a USB device was connected to removed from the UTN server Enables disables the sending of SNMP traps when the UTN server is restarted Enables disables the sending of SNMP traps after a USB port was activated deactivated Enables disables the sending of SNMP traps when one of the power supplies of the UTN server is interrupted or estab lished myUTN 800 only Enables disables the sending of SNMP traps after an SD card was connected to removed from the UTN server myUTN 800 only Enables disables the sending of SNMP traps if the SD card is unusable myUTN 800 only Defines the email address of the recipient for notifications 136 Appendix Parameter List Parameters ELT Default Description noti_dev_1 on off off Enables disables the sending noti_dev_2 of emails after a USB device Send email if was connected to removed USB devices are from the UTN server connected or disconnected no
100. issing another installer USB driver for SEH UTN Manager This installer will prepare the installation of the required drivers Unattended Installation An unattended installation takes place without any user input The following settings are used by default e Complete version e Installation for all users of the client e Target directory sPROGRAMFILES SEH Computertechnik GmbH SEH UTN Manager Where 2PROGRAMFILES3 is a Windows environment variable for the Programs folder By means of the command line the path can be determined as follows echo PROGRAMFILES e Start Menu folder SEH Computertechnik GmbH SEH UTN Manager e A desktop shortcut will be created 24 Benefits and Purpose System Requirements Syntax and Commands myUTN User Manual Windows Administration Methods e SEH UTN Manager will start automatically after the installation Unattended installations are less time consuming The SEH UTN Manager UTN Manager can be automatically installed on a large number of clients via login scripts For more information refer to the documentation of your operating system M The installation of the SEH UTN Managers is suitable for Windows XP and later M The installation can only be carried out by users with administrative rights ay By installing the SEH UTN Manager you automatically accept the SEH Computertechnik GmbH agreement concerning the license and the use of the softwa
101. l the root CA certificate of the certification authority that has issued the certificate of the authentication server RADIUS on the UTN server see Installing the CA Certificate in the UTN Server PBIB Afterwards select the root CA certificate from the list EAP root certificate Click Save amp Restart to confirm The settings are saved myUTN User Manual Windows 104 Benefits and Purpose Mode of Operation Requirements myUTN User Manual Windows Security Configuring PEAP PEAP Protected Extensible Authentication Protocol validates the identity of devices or users before they gain access to network resources You can configure the UTN server for the PEAP network authentication This ensures that the UTN server gets access to pro tected networks In the case of PEAP compare EAP TTLS see 103 an encrypted TLS Transport Layer Security channel is established between the UTN server and the RADIUS server Only the RADIUS server authenti cates itself using a certificate that was signed by a CA The TLS channel is then used to establish another connection that can be protected by means of additional EAP authentication meth ods e g MSCHAPv2 The advantage of this procedure is that only the RADIUS server needs a certificate Therefore no PKI is needed PEAP uses the advan tages of TLS and supports various authentication methods including user passwords and one time passwords MI The UTN server is d
102. m mand line interpreter When using utnm it is not necessary to open and or install the interface of the SEH UTN Manager minimal version of the SEH UTN Manager gt 22 Frequently recurring command sequences e g a port activation can be automated by means of scripts The execution of scripts can be done automatically e g by means of login scripts O Using the Command Line Interface gt 2151 O Creating Scripts gt 8152 Using the Command Line Interface MI The SEH UTN Manager is installed on the client see gt 21 M The IP address or host name of a UTN server is known Proceed as follows 1 Open the Command line interface 2 Enter the sequence of commands see Syntax and Commands 28152 3 Confirm your entries The sequence of commands will be run 151 Requirements Syntax and Commands myUTN User Manual Windows Appendix Additional Tool utnm Creating Scripts MI The SEH UTN Manager is installed on the client see gt 221 M The IP address or host name of a UTN server is known Proceed as follows 1 Open a text editor 2 Enter the sequence of commands see Syntax and Commands 28152 3 Save the file as executable script for more information refer to the documentation of your operating system The script is saved Information on how to use the script can be found in the documentation of your operating system Note the following syntax lt
103. mg o e O Providing User Specific Selection Lists gt 81 O Providing Users with a Predefined Selection List gt 82 O Protecting the user specific selection list gt 82 Providing the Global Selection List to All Users Requirements M The SEH UTN Manager complete version is installed on the client see 2821 Mi You are logged on to the system as administrator myUTN User Manual Windows 80 Requirements myUTN User Manual Windows Working with the SEH UTN Manager Proceed as follows 1 Start the SEH UTN Manager 2 Compose the selection list see How to Add UTN Servers USB Devices to the Selection List 3567 Select Program Options from the menu bar The Options dialog appears Select the Selection List tab Tick Global selection list Click OK The setting will be saved All users of a client use the same selection list bo EDNA Providing User Specific Selection Lists M The SEH UTN Manager complete version is installed on the client see 2821 M You are logged on to the system as administrator Proceed as follows 1 Start the SEH UTN Manager 2 Select Program Options from the menu bar The Options dialog appears 3 Select the Selection List tab 4 Tick User selection list 5 Click OK The setting will be saved Each user uses their own selection list The selection lists of the users will be saved as ini files in user specific directories se
104. myUTN Control Center By setting the key the USB device that is connected to the USB port is protected against unwanted access Neither the USB port nor the connected USB device will be displayed in the SEH UTN Manager This means that a user will not be able to make changes to the port or to establish a connection between the client and the USB port To make the USB port and the connected USB device available the user must enter the key for the USB port on the client This is done via the SEH UTN Manager By changing the key in the myUTN Con trol Center the user can once again lose its permission to access the USB device Device assignment means that a USB device is permanently assigned to each USB port via the myUTN Control Center A USB device can then only be operated together with its assigned USB port The device assignment makes sure that the security settings of the USB port and the USB device are not bypassed If a device other than the assigned USB device is connected to the USB port it can not be operated a If you want to control the access to the USB devices it is advisable to protect the administrative access to the myUTN Control Center by a password so that the settings cannot be changed by unauthorized persons see gt B87 89 What Do You Want To Do myUTN User Manual Windows O O O O Security Blocking access to USB devices gt 90 Unblocking access to USB devices gt 290
105. n ssl port port number Encrypted connection means that client and UTN server communicate via the UTN SSL port If a non default UTN SSL port has been be defined 252 this command is to be used t seconds or Specifies a timeout for the command strings activate timeout seconds deactivate plugin plugout and eject v or Shows version information about utnm version The following applies for the commands e UTN server IP address or host name of a UTN server e Elements in square brackets are optional e not case sensitive e only the ASCII format can be read 154 Appendix Additional Tool utnm Return Value Description Return Values 0 The USB port including the connected USB device is free for use 20 The plugin of the USB device connected to the USB port failed PAL The plugout of the USB device connected to the USB port failed 22 The ejection of the USB device connected to the USB port failed 23 The USB device connected to the USB port is already plugged in 24 The USB device connected to the USB port is already plugged out 25 The USB port including the connected USB device is connected to another user 26 The USB port including the connected USB device is unreachable 27 The USB device state is unknown 100 Unknown command TOn UTN server not found Either the UTN server does not exist or the DNS resolution failed 103 The port key is too long Example A USB device is
106. n is activated by default After a successful test you must deactivate the test mode so that access protection remains permanently active Proceed as follows 1 Start the myUTN Control Center SelectSECURITY TCP port access Tick Port access control Select the desired protection in the Security level area In the Exceptions area define the network elements which are excluded from port locking Enter the IP or MAC addresses and tick the options Make sure that the test mode is enabled 7 Click Save amp Restart to confirm The settings are saved The port access control is activated until the device is restarted 8 Check the port access and configurability of the UTN server AMYN gt a If the UTN server can no longer be reached using the myUTN Control Center restart the device see gt 118 9 Clear Test mode 10 Click Save amp Restart to confirm The settings are saved The port access control is active Access to the ports is restricted 88 USB Port Key Control USB Port Device Assignment myUTN User Manual Windows Security 6 4 How to Control Access to USB Devices only myUTN 80 and later Via the USB ports you can control the access to the USB devices that are connected to the UTN server Two security methods are available for each USB port Both security methods can also be used in combi nation In the course of the key control a key is specified for the USB port via the
107. ncryption strength and thus the safety of the connection is defined via the encryption level Each encryption level is a collection of so called cipher suites A cipher suite is a standardized sequence of four cryptographic algo rithms that are used to establish a secure connection Depending on their cipher strength in bit cipher suites are grouped to form an encryption level Which cipher suites are supported by the UTN server i e are part of an encryption level depends on the protocol used SSLv2 SSLv3 TLSv1 When establishing a secure connection a list of supported cipher suites is sent to the communicating party A cipher suite is agreed upon that will be used later on The strongest cipher suite that is supported by both parties will be used by default If there is no cipher suite that is supported by both parties no SSL TLS connection will be established The communicating parties of the UTN server e g browser must support the cipher suites of the selected encryption level in order to successfully establish a connection When problems occur select a different level or reset the parameters of the UTN server see 9113 84 Security The following encryption levels can be selected e Compatible Cipher suites with an encryption of 40 to 256 bit are used e Low Only cipher suites with a low encryption of 56 bit are used Fast connection e Medium Only cipher suites with an encryption of 128 bit are used e Hi
108. nder Product amp Company The Sitemap provides an overview of and direct access to all pages of the myUTN Control Center All other menu items refer to the UTN server s configuration They are described in the Online Help of the myUTN Control Center To start the Online Help click the 2 icon 20 Administration Methods 2 2 Administration via the SEH UTN Manager Area of Application The software tool SEH UTN Manager handles the access of the USB devices The SEH UTN Manager shows the availability of all UTN servers and USB devices that exist in the network and establishes a connection between the client and the USB port of the UTN server to which the USB device is connected The software is installed on all clients that are meant to access a USB device in the network Mode of Operation After the SEH UTN Manager is started the network will be scanned for connected UTN servers The network range to be scanned is freely definable After the network scan all UTN servers found together with the connected USB devices will be shown in the network list The required UTN servers will be selected and added to the selection list The devices in the selection list can be configured or connected to the client What Information e Automatisms gt 21 Do vouliecs SEH UTN Manager Versions gt 22 e Installation gt 23 e Programm Start gt 27 e Changing Versions gt 27 e Update gt 27
109. network If the UTN server is connected it asks the BOOTP host for the IP address and the host name The BOOTP host answers and sends a data packet containing the IP address The IP address is saved in the UTN server DHCP The UTN server supports DHCP which means that the IP address of the UTN server can be assigned dynamically via a DHCP server M The DHCP parameter has been enabled see gt 36 Mi A DHCP server is available in the network After the hardware installation the UTN server asks a DHCP server for an IP address by means of a broadcast query The DHCP server identifies the UTN server on the basis of its hardware address and sends a data packet to the UTN server This data packet contains among others the IP address of the UTN server the default gateway and the IP address of the DNS server The data is saved in the UTN server Requirements myUTN User Manual Windows General Information Auto Configuration IPv6 Standard The UTN server can have an IPv4 address and several IPv6 addresses at the same time The IPv6 standard is used to automatically assign IP addresses in IPv6 networks When connected to an IPv6 network the UTN server will automatically obtain an additional link local IP address from the IPv6 address range The UTN server uses the link local IP address to search for a router The UTN server sends so called router solicitations RS to the spe cial multicast address FFO2
110. nitoring of network elements The protocol controls communication between the moni tored devices and the monitoring station SNMP allows you to read and edit management information pro vided by the network elements e g UTN server The UTN server sup ports versions 1 and 3 of SNMP The SNMP community is a basic form of access protection A large number of SNMP managers are grouped together in the community The community is then assigned read write access rights The gen eral community string is public The community string for SNMPv1 is transferred in plain text and does not provide sufficient protection SNMPv3 is a continuation of the SNMP standard which provides improved applications and a user based security model Distinguish ing features of SNMPv3 include its simplicity and security concept Proceed as follows 1 Start the myUTN Control Center 2 Select NETWORK SNMP 42 myUTN User Manual Windows Network Settings 3 Configure the SNMP parameters siehe Tabelle 5 2843 4 Click Save amp Restart to confirm The settings are saved Tabelle 5 SNMP parameters Parameters Description SNMPv1 Enables disables SNMPv1 Read only Enables disables the write protection for the community Community SNMP community name The SNMP community is a basic form of access protection in which several participants with the same access rights are grouped together SNMPv3 Enables disables SNMPv3
111. o Connect Auto Disconnect and Print On Demand can only be configured by users with administra tive rights Installation In order to use the SEH UTN Manager the program must be installed on a computer with a Windows operating system The installation file of the SEH UTN Manager can be found on the SEH Computer technik GmbH homepage http www seh technology com services downloads myutn html The installation file contains both versions of the SEH UTN Manager In addition an unattended installation can be carried out e Standard Installation 324 e Unattended Installation gt B24 23 System Requirements myUTN User Manual Windows Administration Methods Standard Installation The installation file is available as exe for Windows systems MI The installation of the SEH UTN Manager is suitable for Windows XP and later M The installation can only be carried out by users with administrative rights E Proceed as follows 1 Start the SEH UTN Manager installation file 2 Follow the installation routine The SEH UTN Manager is installed on your client If used in server based environments Citrix XenApp Microsoft Remote Desktop Services Terminal Services and virtualized environments VMware Citrix XenDesktop Microsoft HyperV etc the Windows sys tem may lack required drivers The installation routine checks the avail able drivers during the installation process If drivers are m
112. o the HID class Proceed as follows 1 Start the myUTN Control Center 2 Select SECURITY Device access 3 Tick clear Disable input devices HID class in the USB devices area 4 Click Save amp Restart to confirm 5 The setting will be saved 92 What are Certificates Benefits and Purpose Which Certificates are Available myUTN User Manual Windows Security 6 6 Howto Use Certificates Correctly The UTN server has its own certificate management This section explains how certificates are used and when the use of certificates is recommended Certificates can be used in TCP IP based networks to encrypt data and to authenticate communication partners Certificates are elec tronic messages containing a key public key and a signature The use of certificates allows for various security mechanisms Use certificates in your UTN server e to check the identity of the UTN server in the network see Configuring EAP TLS gt 2102 e to authenticate the UTN server if the email communication is protected POP3 SMITP via SSL TLS gt 44 e to authenticate the UTN server client if the data transfer between the clients and the UTN server is encrypted via SSL TLS gt 8108 e to authenticate the UTN server client if the administrative access to the myUTN Control Center is protected via HTTPS SSL TLS lt gt If you use certificates it is advisable to protect the administrative access to the myU
113. ol panel of the operating system to turn ini files into read only files To do this you need administrative rights on the cli ent If an SEH UTN Manager ini file becomes read only all functions of the SEH UTN Manager that relate to the selection list will be dis abled 82 Security 6 Security The following security mechanisms can be configured and activated according to your demands What Information How to Define the Encryption Level for SSL TLS Connections Do You Need 2884 e How to Control the Access to the myUTN Control Center gt E86 e How to Control Access to the UTN Server TCP Port Access Control gt 287 e How to Control Access to USB Devices only myUTN 80 and later gt 89 e How to Block USB Device Types gt 292 e How to Use Certificates Correctly gt 93 e How to Use Authentication Methods gt 8101 e How to Encrypt Data Transfer gt 21108 myUTN User Manual Windows 83 Encryption Level Cipher Suite Establishing Connections myUTN User Manual Windows Security 6 1 How to Define the Encryption Level for SSL TLS Connections The following connections on the UTN server can be encrypted via SSL TLS e Email POP3 gt 244 e Email SMTP gt 44 e Web access to the myUTN Control Center HTTPS gt 86 e Data transfer between the clients and the UTN server and the connected USB devices USB port 8108 The e
114. ons these methods support What Information e Administration via myUTN Control Center gt 19 DoYouNeed administration via the SEH UTN Manager 2821 e Administration via InterCon NetIool gt 30 e Administration via E Mail only myUTN 80 and later gt 32 e Administration via the Reset Button of the Device 935 myUTN User Manual Windows 18 Administration Methods 2 1 Administration via myUTN Control Center Which Functions Are The myUTN Control Center includes all features for the administra Supported tion and monitoring of the UTN server The myUTN Control Center is stored in the UTN server and can be displayed by means of a browser software e g Internet Explorer Requirements M The UTN server is connected to the network and the mains voltage M The UTN server has a valid IP address Proceed as follows StartingthemyUTN 7 Open your browser Control Center 2 Enter the IP address of the UTN server as the URL The myUTN Control Center appears gt If the myUTN Control Center is not displayed check the proxy set tings of your browser You can also start the myUTN Control Center via the software tools SEH UTN Manager and InterCon NetTool e To start the myUTN Control Center via the InterCon NetTool mark the UTN server in the device list and select Actions Launch Browser from the menu bar e To start the myUTN Control Center via the SEH UTN Manager mark t
115. ool installation file 2 Select the desired language 3 Follow the installation routine The InterCon NetTool will be installed on your client To start the InterCon NetTool double click the InterCon NetTool icon Sex The icon is found on the desktop or the Windows start menu Start gt All Programs gt SEH Computertechnik GmbH gt InterCon NetTool The settings of the InterCon NetIool are saved in the NetTool ini file This file is stored in the user folder of the user that is currently logged in 30 Administration Methods Structure ofthe After the program start you will see the main dialog with the fol InterCon NetToo lowing elements The dialog may vary depending on which elements you have chosen to be shown or hidden Menu bar Toolbar Device list S4 InterCon NetTool File Filter Actions Installation Search Extras Help fF 192 168 000 012 myUTN 80 amp 192 168 000 140 myUTN 80 ICOD1FOB Default Settings Launch Browser IP Wizard Filter for the device list Shortcut menu Abb 4 InterCon NetTool Main Dialog Which Functions Are The InterCon NetTool allows you to S ted Ge eee e assign an IPv4 address to the UTN server gt 238 e restart the UTN server gt 2118 e reset the UTN server s parameter values to their default settings 8114 e start the myUTN Control Center gt 19 e switch from the BIOS mode to the default mode gt 8146
116. optional PACs Protected Access Credentials are used to build the channel PACs are credentials that comprise up to three components e A shared secret key that contains the preshared key between the UTN server and the RADIUS server e An opaque part that is provided to the UTN server and presented to the RADIUS server when the UTN server wishes to obtain access to network resources e Other information that may be useful to the client Optional EAP FAST uses two methods to generate PACs e The manual delivery mechanism can be every mechanism that the administrator configures and considers to be safe for the network e In the case of the automatic delivery an encrypted channel is established in order to protect the UTN server authentication as well as the delivery of the PACs 106 Requirements myUTN User Manual Windows Security MI The UTN server is defined as user with user name and password on a RADIUS server Proceed as follows 1 2 3 4 D Start the myUTN Control Center Select SECURITY Authentication Select FAST from the Authentication method list Enter the user name and the password that are used for the configuration of the UTN server on the RADIUS server Select the settings intended to secure the communication in the channel Click Save amp Restart to confirm The settings are saved 107 myUTN User Manual Windows Security 6 8 Howto Encrypt Data Transfer You can
117. p myUTN 800 Only myUTN User Manual Windows Maintenance 7 Maintenance e How to Secure UTN Parameters Backup 2110 How to Reset the UTN Parameters to their Default Values gt E113 e How to Perform an Update 912117 e How to Restart the UTN Server gt 124118 7 1 Howto Secure UTN Parameters Backup All parameter values of the UTN server exception passwords are saved in the gt default name gt _parameters txt file You can save the parameters file as backup copy on your local client This allows you to get back to a stable configuration status at any time You can edit the parameter values of the copied file using a text edi tor Afterwards the configured file can be downloaded to one or more UTN servers The parameter values included in the file will be taken over by the device The Dongleserver myUTN 800 additionally has an automatic backup feature It saves the parameter values exception passwords and certificates installed on the UTN server automatically to a con nected SD card After a parameter or certificate change the backup will be updated automatically If the SD card is lost or stolen your environment becomes vulner able certificates passwords Therefore you have to take all nec essary precautions for protecting the myUTN 800 if you use the automatic backup 110 What Do You Want To Do myUTN User Manual Windows Maintenance Upon delivery the SD
118. ponent Allows you to enter additional attributes Optional entry Country Specifies the country in which the company is based Enter the two digit country code according to ISO 3166 Examples DE Germany GB Great Britain US USA Issued on Specifies the date from which on the certificate is valid Expires on Specifies the date from which on the certificate becomes invalid RSA key length Defines the length of the RSA key used 512 bit fast encryption and decryption 768 bit 1024 bit standard encryption and decryption 2048 bit slow encryption and decryption myUTN User Manual Windows 96 Requirements myUTN User Manual Windows Security Creating a Certificate Request for a Requested Certificate As preparation for using a certificate which is issued by a certifica tion authority for the UTN server a certificate request can be cre ated in the UTN server The request must be sent to the certification authority which creates an certificate on the basis of this request The certificate must be in base64 format lt If a certificate request has already been created it will be overwritten Proceed as follows 1 Start the myUTN Control Center Select SECURITY Certificates Click Certificate request Enter the required parameters siehe Tabelle 13 296 Click Create a request The creation of the certificate request is in progress This may take a few minutes 6 Select Upload and save the requ
119. r the program start you will see the main dialog with the fol lowing elements The dialog may vary depending on which elements you have chosen to be shown or hidden 27 myUTN User Manual Windows Buttons for editing Menu bar the selection list Administration Methods Selection List 4 192 168 0140 USB flash di USB flash drive Available Off Off Alcor Micro Corp Flash Drive Available turer Alcor Micro Corp 0x058f Flash Drive 0x6387 Mass Storage 0x08 Buttons for managing the port connection Abb 3 SEH UTN Manager Main Dialog Functions The SEH UTN Manager offers the following features Adding UTN Servers to the Selection List gt Connecting the USB Port to the Client gt Disconnecting the USB Port from the Cli Requesting Occupied USB Ports gt 271 Automating Port Connections and Program Starts gt Assigning an IPv4 Address to UTN Servers gt Starting the myUTN Control Center gt 51 Granting Access to Locked USB Ports gt Display area for the properties 67 868 ent gt a70 B37 9 B90 Managing Selection Lists for Several Participants gt B72 B78 Detailed information on how to use the SEH UTN Manager can be found in the Online Help To start the Online Help select Help Online Help from the menu bar 28 Administration Methods Functions in the SEH UTN Manager can be s
120. re The agreement can be found on the homep age of SEH Computertechnik GmbH http www seh technology com services licenses software license agreement html Proceed as follows 1 Open the command line interface 2 Change to the directory containing the SEH UTN Manager installation file 3 Enter the sequence of commands see Syntax and Commands 9525 4 Confirm your entries The sequence of commands will be run Note the following syntax sehutnmanager win X X X exe S lt command gt 25 Administration Methods The following commands are supported Command Description A Installs SEH UTN Manager for all users KE Installs SEH UTN Manager for the current user only D lt path gt Overrides the default installation directory An absolute path must be specified It has to be the last parameter used in the command line and must not contain any quotes even if the path contains spaces F lt folder Overrides the default folder name of the Start menu folder name gt Subfolders can be specified wih G Installs the complete version gt 22 of SEH UTN Manager Recommended for general use K Does not create a desktop shortcut M Installs the minimal version gt 222 of SEH UTN Manager Expert use only R Runs SEH UTN Manager after the installation is complete is Instructs the installation to be silent There is no user interaction and the user cannot cancel the installation U Up
121. rt utn_tag_20 Port name utn_poff_1 on off off Disables enables the power supply for the USB port i e utn_poff_20 the USB device connected to Port the port off power on on power off utn_poffdura_1 0 100 0 This parameter can only be 1 3 characters 0 9 used after consultation with utn_poffdura_20 the SEH support team utn_prereset_1 on off off This parameter can only be used after consultation with utn_prereset_20 the SEH support team Tabelle 26 Parameter List DNS Parameters Value Default Description dns on off on Enables disables the name DNS resolution via a DNS server myUTN User Manual Windows 130 myUTN User Manual Windows Appendix Parameter List Parameters Value Default Description dns_domain max 255 characters blank Defines the domain name of Domain name a z A Z 0 9 an existing DNS server dns_primary valid IP address 0 0 0 0 Defines the IP address of the Primary DNS primary DNS server server dns_secondary valid IP address 0 0 0 0 Defines the IP address of the Secondary DNS secondary DNS server server The secondary DNS server is used if the primary DNS server is not available Tabelle 27 Parameter List SNMP Parameters Value Default Description snmpv1 on off on Enables disables SNMPv1 SNMPv1 snmpv1_ronly on off off Enables disables the write Read only protection for the community snmpv1_community max 64 characters public Defines the name of the
122. rtificate via the icon Q The certificate is displayed Creating a Self Signed Certificate lt gt If a self signed certificate has already been created on the UTN server you must first delete the certificate see gt I5100 Proceed as follows 1 Start the myUTN Control Center 2 Select SECURITY Certificates 3 Click Self signed certificate an 4 Enter the relevant parameters siehe Tabelle 13 296 95 Security 5 Click Create7Install The certificate will be created and installed This may take a few minutes Tabelle 13 Parameters for the Creation of Certificates Parameters Description Common name Is used to clearly identify the certificate It is advisable to use the IP address or the host name of the UTN server to allow a clear assignment of the certificate to the UTN server You can enter a maximum of 64 characters Email address Specifies an email address You can enter a maximum of 40 characters Optional entry Organization name Specifies the company that uses the UTN server You can enter a maximum of 64 characters Organizational unit Specifies the department or subsection of a company You can enter a maximum of 64 characters Optional entry Location Specifies the locality where the company is based You can enter a maximum of 64 characters State name Specifies the state in which the company is based You can enter a maximum of 64 characters Optional entry Domain com
123. s front side It provides status information error states Text Description Troubleshooting DS The Dongleserver is operational identifier gt 251 E1 One of the two power supplies is Check the cabling connections not working and voltage source Which connection is not working is indicated by a glowing dot left dot left power supply right dot right power supply E2 The SD card is formatted with an Format the SD card in the file unsupported file system format FAT32 FAT16 or FAT12 respectively cannot be read and Check if the SD card functions be written to properly E3 The SD card is read only Remove the write protection from the SD card E4 No SD card is available in the Insert an SD card into the SD card reader card reader Type SD or SDHC File system FAT32 FAT16 or FAT12 myUTN User Manual Windows 143 myUTN User Manual Windows Appendix SEH UTN Manager Function Overview 8 5 SEH UTN Manager Function Overview Functions in the SEH UTN Manager can be shown as inactive grayed out or not shown at all This depends on the following factors e Settings of the selection list mode global list user list e User Groups Users that have administrative rights Users that do not have administrative rights Users with write access to the ini file selection list Users without write access to the ini file selection list The administrator can use these factors to provide users wi
124. s of a hub and one or more USB devices that are all integrated into a single housing When the connection to the port is established all displayed USB devices will be connected to the user s client and can be used 148 Possible Cause Possible Cause myUTN User Manual Windows Appendix Troubleshooting A connection to the UTN server cannot be established A common port will be used for the data transfer between the UTN server and the SEH UTN Manager that is installed on the client gt B52 O The port numbers are not identical The current port number cannot be transferred to the SEH UTN Managers that are installed on the clients The SNMPv1 parameter has been disabled see gt 39 O The communication is blocked by a firewall A connection to the USB port cannot be established O The access control for USB devices is enabled gt B86 O No driver software for the USB device is installed on the client O The USB port is already connected to another client A connection to the myUTN Control Center cannot be established Eliminate possible error sources First of all check the cabling connections the IP address of the UTN server gt 14 as well as the proxy settings of your browser If you still cannot establish any connection the following safety mechanisms might be the cause O The access is protected via SSL TLS HTTPS gt 282 O The access is protected via SSL TLS HTTPS and you deleted
125. s or users before they gain access to network resources You can configure the UTN server for the EAP TTLS network authentica 103 Security Mode of Operation Requirements tion This ensures that the UTN server gets access to protected net works EAP TTLS consists of two phases In phase 1 a TLS encrypted channel between the UTN server and the RADIUS server will be established Only the RADIUS server authenticates itself using a certificate that was signed by a CA This process is also referred to as outer authentication In phase 2 an additional authentication method is used for the communication within the TLS channel EAP defined methods and older methods CHAP PAP MS CHAP and MS CHAPv2 are supported This process is also referred to as inner authentication The advantage of this procedure is that only the RADIUS server needs a certificate Therefore no PKI is needed Moreover TTLS sup ports most authentication protocols MI The UTN server is defined as user with user name and password on a RADIUS server Proceed as follows 7 Start the myUTN Control Center Select SECURITY Authentication Select TTLS from the Authentication method ist Enter the user name and the password that are used for the configuration of the UTN server on the RADIUS server Select the settings intended to secure the communication in the TLS channel To make the connection more secure you can also instal
126. scribed in the following The illustra tions may differ slightly from your UTN server model The reset process can be divided into two phases e During phase 1 the device is forced into the reset mode During the reset mode the parameters are reset e The second describes the restart of the device IMPORTANT The reset mode is indicated by the synchronous blinking of the activity LED yellow and the status LED green and last for about five intervals You must release the reset button within this time frame other wise the device switches to the BIOS mode If this happens try the reset again The phases are described in the following 114 Maintenance Phase 1 Reset Phase 2 Restart Switch off the UTN server interrupt the power supply Press and hold the reset button Switch on the UTN server status LED blink synchronously The reset mode has been activated Release the reset button for about 2 seconds Press and hold the reset button again The LEDs blink synchronously activity LED will blink Release the reset button myUTN User Manual Windows establish the power supply Wait until the activity LED and The LEDs blink alternatingly After a few seconds only the Switch off the UTN server interrupt the power supply Switch on the UTN server establish the power supply 115 Maintenance myUTN 800 Remove the SD card from the UTN server before resetting
127. t see gt 167 Proceed as follows 1 Start the SEH UTN Manager 2 Select a port from the selection list myUTN User Manual Windows 75 Working with the SEH UTN Manager 3 Select Port Create UTN Action from the menu bar The dialog Create UTN Action will be started 4 Follow the instructions of the Wizard A UTN Action will be created The UTN Action can be run by double clicking the file tay Create UTN Action for 192 168 0 140 USB flash drive Port 1 Welcome S E This wizard will quide you through the process of creating a UTN Action UTN Actions are small files which automate a device connection What kind of UTN Action do you want to create Automatically create UTN Actions which activate and deactivate the device 5 Automatically create a UTN Action which starts an application and activates the device 5 Create a custom UTN Action Experts only To continue select an option and dick Next Abb 12 Create UTN Action dialog Tip1 Shortcuts can be moved to any location and renamed Tip2 Experts only Custom UTN Actions which activate or deactivate USB devices can be edited after their creation To do this edit the com mand line in the shortcut target Tip3 Expert mode script You can also edit the script after its creation using a simple text editor myUTN User Manual Windows 76 What Do You Want To Do Requirements Requirements myUTN User Manual Windows
128. t 0 4096 Ignore mail 1 4 characters 0 9 exceeding 0 unlimited Default off blank 110 blank blank 4096 Description Enables disables the POP3 functionality Defines the POP3 server via the IP address or the host name The host name can only be used if a DNS server was configured beforehand Defines the time interval in minutes for retrieving emails from the POP3 server Defines the port of the POP3 server used by the UTN server for receiving emails When using SSL TLS enter 995 as port number Defines the name used by the UTN server to log on to the POP3 server Defines the password used by the UTN server to log on to the POP3 server Defines an authentication method Defines the maximum email size in Kbyte to be accepted by the UTN server 134 myUTN User Manual Windows Appendix Parameter List Tabelle 32 Parameter List SMTP only myUTN 80 and later Parameters ELT Default Description smtp_srv max 128 characters blank Defines the SMTP server via Server name the IP address or the host name The host name can only be used if a DNS server was configured beforehand smtp_port 1 65535 25 Defines the port number used Server port 1 5 characters 0 9 by the UTN server to send emails to the SMTP server smtp_usr max 128 characters blank Defines the user name used User name by the UTN server to log on to the SMTP server smtp_pwd max 1
129. t and the connected USB device in order to avoid data loss and error conditions If the prolongation is enabled the note with the possibility to accept or reject the prolongation will appear eS You have the option of being informed about the availability of the port after the automatic disconnection For this purpose set up a notification if the USB port is available see gt 77 Auto Disconnect allows a large number of network participants to access a small amount of USB ports including the connected USB devices and avoids idle times MI The SEH UTN Manager complete version is installed on the client see gt E21 M The UTN server is displayed in the Automatic Device Disconnect area see gt 67 MI You are logged on to the system as administrator mg Proceed as follows 1 Start the SEH UTN Manager 73 Requirements myUTN User Manual Windows A EFNDA Working with the SEH UTN Manager Select Program Options from the menu bar The Options dialog appears Select the Automatisms tab In the Auto Disconnect area tick Status for the relevant UTN server Define the desired time range 10 525 minutes Optionally tick Prolongation Click OK The setting will be saved Automatically Creating a Connection between the USB Port and the Client when a Print Job is Received Print On Demand A connection between the USB port or the connected USB device printer or multifunction printer
130. th indi vidual functions The following table gives an overview siehe Tabelle 38 15145 lt gt The table shows the features that are basically available In addition individual features will not be displayed or will be displayed as inac tive This depends on the embedded UTN server model the settings of the product specific security mechanisms 144 Appendix SEH UTN Manager Function Overview Tabelle 38 SEH UTN Manager Function Overview Windows Global Selection User Specific Selection List List Adminis Adminis User User trative trative rw C9 rights User rights INI INI Selection List Edit Selection List Export Selection List Refresh UTN server Configure UTN server Set IP Address UTN server Set USB Port Keys UTN server Add UTN server Remove UTN server Refresh Port Activate Port Deactivate Port Request Port Remove Port Create UTN Action Port Settings RRB e Ee ke SJ 8 SESE ESD ed Sy Sy SS xf hh RRA eB lt i lt i lt i lt iey lt JS lt i x is SJ Sfx lt E lt 1 lt 9 EENEN Selection List Refresh Selection List Edit Port Activate Port Deactivate Program Options dialog lt E Sie a lt i Ai i lt i Network Scan Multicast Search v x v x Be Network Scan IP Range Search v x v x
131. that must be met before you can begin the action A square marks procedures and options that you can choose Eye catchers mark lists This sign indicates the summary of a chapter The arrow marks a reference to a page within this document In the PDF file you can jump to this page by clicking the symbol Established terms of buttons or menu items for example are set in bold Command lines are set in Courier font Proper names are put in inverted commas 10 General Information 1 3 Support and Service Support If questions remain please contact our hotline SEH Computertech nik GmbH offers extensive support Monday through Thursday from 8 00 a m to 4 45 p m Friday and from 8 00 a m to 3 15 p m CET 49 0 521 94226 44 support seh de Current Services The following services can be found on the homepage of SEH Com putertechnik GmbH http www seh de e current firmware software current tools current documentation e current product information e product data sheets e and much more myUTN User Manual Windows 11 Intended Use Improper Use Safety Regulations Warnings myUTN User Manual Windows General Information 1 4 Your Safety Read and observe all safety regulations and warnings found in the documentation on the device and on the packaging This will avoid potential misuse and prevent damages to people and devices SEH Computertechnik GmbH will not
132. the Password a z A Z 0 9 UTN server as saved in the authentication server RADIUS auth_intern none Defines the kind of inner Inner PAP PAP authentication for the EAP authentication z authentication methods TTLS CHAP CHAP PEAP and FAST MSCHAP2 MS CHAPv2 EMD5 EAP MD5 ETLS EAP TLS auth_extern none Defines the kind of external PEAP EAP FAST PLABELO authentication for the EAP Options PEAPLABELO authentication methods TTLS PEAP i PLABEL1 and FAST PEAPLABEL1 PVERO PEAPVERO PVER1 PEAPVER1 FPROV1 FAST PROV1 myUTN User Manual Windows 133 myUTN User Manual Windows Parameters Value auth_ano_name max 64 characters Anonymous a z A Z 0 9 name auth_wpa_addon max 255 characters WPA add on a z A Z 0 9 Default blank blank Appendix Parameter List Description Defines the anonymous name for the unencrypted part of the EAP authentication methods TTLS PEAP and FAST Specifies an optional WPA expansion Tabelle 31 Parameter List POP3 only myUTN 80 and later Parameters Value pop3 on off POP3 pop3_srv max 128 characters Server name pop3_poll 1 10080 Check mail 1 5 characters 0 9 every pop3_port 1 65535 Server port 1 5 characters 0 9 pop3_usr max 128 characters User name pop3_pwd max 128 characters Password pop3_sec 0 no security Security 1 APOP 2 SSL TLS pop3_limi
133. the certificate CA self signed PKCS 12 Reset the parameter values of the UTN server to their default settings to get access 8111 Previous settings will be deleted O The TCP port access control is enabled gt 83 mp 149 Appendix Troubleshooting O The password protection is enabled gt 83 O The cipher suites of the encryption level are not supported by the browser gt 80 The password is no longer available The access to the myUTN Control Center can be protected by a pass word If the password is no longer available you can reset the parameter values of the UTN server to their default settings to get access gt 111 Previous settings will be deleted myUTN User Manual Windows 150 utnm Use Benefits and Purpose What Do You Want To Do Requirements myUTN User Manual Windows Appendix Additional Tool utnm 8 7 Additional Tool utnm The additional tool utnm has been developed for the myUTN prod ucts of SEH Computertechnik GmbH It is used for the activation and deactivation of USB ports including connected USB devices In order to activate or deactivate a USB port with utnm commands are entered and run in a special syntax in the command line inter face of the operating system As an alternative a script will be written for the USB port The script contains commands in a special syntax When it is run the com mands will be executed automatically step by step by the co
134. thentication server RADIUS on the UTN server M The certificate must be in base64 format Proceed as follows Start the myUTN Control Center Select SECURITY Certificates Click CA certificate Click Browse Specify the CA certificate Click Install The CA certificate will be saved in the UTN server ERA RWN DS Installing the PKCS 12 Certificate in the UTN Server Certificates with the PKCS 12 format are used to save private keys and their respective certificates and to protect them by means of a password 98 Requirements myUTN User Manual Windows Security gt If a PKCS 12 certificate has already been installed on the UTN server it will be overwritten M The certificate must be in base64 format Proceed as follows Start the myUTN Control Center Select SECURITY Certificates Click PKCS 12 certificate Click Browse Enter the PKCS 12 certificate Enter the password Click Install The PKCS 12 certificate is saved in the UTN server ENAAKRWNS Saving S MIME Certificates in the UTN Server only myUTN 80 and later S MIME certificates pem file are used to sign and encrypt the emails that are sent by the UTN server 2 If a S MIME certificate has already been installed on the UTN server it will be overwritten Proceed as follows Start the myUTN Control Center Select SECURITY Certificates Click S MIME certificate Click Browse Specif
135. ti_act_1 on off off Enables disables the sending noti_act_2 of emails after a USB port was Send email if activated deactivated USB port is activated or deactivated noti_pwr_1 on off off Enables disables the sending noti_pwr_2 of emails when one of the Send email if power supplies of the UTN power supply is server is interrupted or estab interrupted or lished myUTN 800 only established noti_sdinout_1 on off off Enables disables the sending noti_sdinout_2 of emails after an SD card Send email if SD was connected to removed card is connected from the UTN server only or disconnected myUTN 800 noti_sdunusable_1 on off off Enables disables the sending noti_sdunusable_2 of emails if the SD card is Send email if SD unusable myUTN 800 only card cannot be used noti_stat_1 on off off Enables disables the noti_stat_2 periodical sending of a status Status email email to recipient 1 or 2 noti_pup_1 on off off Enables disables the sending noti_pup_2 of emails when the UTN Send email if server is restarted UTN server is restarted notistat_d al daily al Specifies the interval at which Interval su Sunday a status email is sent mo Monday tu Tuesday we Wednesday th Thursday fr Friday sa Saturday myUTN User Manual Windows 137 Parameters Value notistat_h 1 1 hour hh 2 2 hour 3 3 hour etc notistat_tm 0 00 min mm 1 10 min 2 20 min 3 30 min 4 40 min 5 50 min 6 00 min Default
136. to be activated Commands and syntax lt path utnm exe gt c activate UTN server port number Results in C Program Files SEH Computertechnik GmbH SEH UTN Manager utnm exe c activate 192 168 0 140 4 myUTN User Manual Windows 155 myUTN User Manual Windows Appendix List of Figures 8 8 List of Figures UTN Server in the Network sc2 c2t cteae id eadsbiae ed nwans tak 7 myUTN Control Center START 0 0 00 cece eee eee 20 SEH UTN Manager Main Dialog 0 00 ee 28 InterCon NetIool Main Dialog eee ee eee 31 Administration via Email Example 1 0 02 ee eee 34 Administration via Email Example 2 0002 eee eee 34 InterCon NetIool IP Wizard 00 0c e eee ee eee 38 Display panel myUTN 800 00 2 0000 eee eee 54 USB port based assignment of VLANs 222 20005 62 SEH UTN Manager Edit Selection List 67 SEH UTN Manager Activating the Device 69 Create UTN Action dialog 2o n2044253oteedse see gussceiues se 76 Global Selection List ccc cence dadie ator ects seme ol baaare sand 79 User Specinie Selection List 22s evcicceuaereckeaGe een shes 79 myUTN Control Center Certificates 0 00 00 eens 94 UTN Server SSL TLS Connection in the Network 108 SEH UTN Manager Encryption 0 e eee eee eee 109 Reset button myUTN 800
137. ual Windows Device Settings Configuring event notifications via email MI SMTP parameters have been configured on the UTN server see gt B44 MI A DNS server has been configured on the UTN server see 41 For the notification service you can specify up to two email recipi ents and the message types Proceed as follows Start the myUTN Control Center Select Device Notification Enter the recipient into the Email address box Tick the options with the desired message types Click Save amp Restart to confirm The settings are saved EARWN gt S Configuring event notifications via SNMP traps For the notification service you can specify up to two SNMP trap recipients and the message types Proceed as follows 1 Start the myUTN Control Center 2 Select Device Notification 3 Inthe SNMP traps area specify the recipients via the IP address and the community 4 Tick the options with the desired message types 5 Click Save amp Restart to confirm The settings are saved 4 8 Howto Get Error Messages via the Display Panel myUTN 800 only You can have error states be shown in the panel display on the front side of the Dongleserver myUTN 800 The following message types are possible 59 myUTN User Manual Windows Device Settings e only one power supply works e SD card errors read and write errors no SD card Errors are displayed in codes The meaning of the codes you will find in ch
138. veesiese de csaeeouieutugseeucanhss 123 8 3 LED Display c2c scsseeestscntasoetecrsceoeaeevieuveeataceaeseaeds 142 8 4 Information shown in the display panel myUTN 800 only 143 8 5 SEH UTN Manager Function Overview 0cc cece ee ee nees 144 8 6 Troubleshooting oss cessidiacawrtdwsiaeeddeeeplaa gee eheewwedenes 146 8 7 Additional Tool utnm c4 lt 450044 e044 eon ne eee ee eee eaee erxcnees 151 myUTN User Manual Windows 4 8 8 List Of FIQUIES 2 nc dvscdesicaidedwiddsntes bes eeir EE errnet r i 8 9 Glossary myUTN User Manual Windows What Information Do You Need Purpose System Requirements myUTN User Manual Windows General Information 1 General Information ll e myUTN S86 e Documentation gt B8 e Support and Service gt 211 e Your Safety gt B12 e First Steps gt 13 e Saving the IP Address in the UTN Server 914 mg 1 1 myUTN myUTN myUSB to Network allows you to access non net work ready USB devices e g hard disks printers etc in the net work The USB devices will be connected to the USB port of the UTN server gt The Dongleservers myUTN 80 and myUTN 800 are exclusively designed for the deployment of USB dongles The software tool SEH UTN Manager handles the access of the USB devices The software is installed on all clients that are meant to access a USB device in the network The SEH UTN Manager shows the availab
139. x Program Program Language v v v v vV Program Program Messages v x v x s Program Program Update v x v x x Automatisms Program Start y y 7 p p Autostart Automatisms Auto Disconnect v x v x x Selection List Selection List Mode v x v x Be Selection List Automatic Refresh v x v x Be Port Settings dialog Automatic device connection v BG v x Se Auto Connect Automatic device connection V x 7 n r Print On Demand Plugin mode v x v x x Messages v v v v v v active r read only x inactive grayed out rw read and write INI ini file 9873 myUTN User Manual Windows 145 Appendix Troubleshooting Problem Possible Cause 8 6 Troubleshooting This chapter describes some problems and their solutions e The UTN server signalizes the BIOS mode 92146 e Some functions in the SEH UTN Manager are hidden enabled or appear dimmed 92148 e USB devices are not shown in the SEH UTN Manager gt 12148 e The SEH UTN Manager displays several USB devices at one USB port gt 2148 e A connection to the UTN server cannot be established gt E149 e A connection to the USB port cannot be established 912149 e A connection to the myUTN Control Center cannot be established gt 149 e The password is no longer available gt 2150 The UTN server signalizes the BIOS mode The UTN server switches to th
140. x for the IPv6 address The value 64 is preset Address ranges are indicated by prefixes The prefix length number of bits used is added to the IPv6 address and specified as a decimal number The decimal number is separated by 3 3 How to Configure the DNS DNS is a service that translates domain names into IP addresses Using DNS names can be assigned to IP addresses and vice versa If a DNS server is available in your network you can use DNS for your UTN server If you use a domain name during the configuration process you must first enable and configure DNS DNS is used for the configura tion of the time server for example Proceed as follows 1 Start the myUTN Control Center 2 Select NETWORK DNS 3 Configure the DNS parameters siehe Tabelle 4 gt 42 4 Click Save amp Restart to confirm The settings are saved 41 SNMPv1 SNMPv3 myUTN User Manual Windows Network Settings Tabelle 4 DNS Parameters Parameters Description DNS Enables disables the name resolution via a DNS server Primary DNS server Defines the IP address of the primary DNS server Secondary DNS server Defines the IP address of the secondary DNS server The secondary DNS server is used if the first one is not available Domain name suffix Defines the domain name of an existing DNS server 3 4 How to Configure SNMP SNMP Simple Network Management Protocol has become the standard protocol for the administration and mo
141. y the S MIME certificate Click Install The S MIME certificate is saved in the UTN server EFAAARWN SD 99 Requirements myUTN User Manual Windows Security Deleting Certificates Do not delete the certificate CA self signed PKCS 12 if only HTTPS is defined as the permitted connection type for the web access to the myUTN Control Center If the corresponding certifi cate is deleted the myUTN Control Center can no longer be reached In this case you have to reset the parameters of the UTN server see 9113 M A certificate is installed on the UTN server Proceed as follows 1 Start the myUTN Control Center 2 Select SECURITY Certificates 3 Select the certificate to be deleted via the icon Q The certificate is displayed Click Delete The certificate is deleted A 100 What is IEEE 802 1X What is EAP What is RADIUS What Do You Want To Do myUTN User Manual Windows Security 6 7 How to Use Authentication Methods By means of an authentication a network can be protected against unauthorized access The UTN server can participate in various authentication procedures This section describes which procedures are supported and how these procedures are configured on the UTN server The IEEE 802 1X standard provides a basic structure for various authentication and key management protocols IEEE 802 1X allows you to control the access to networks Before users gain access to a network via
142. ypted connection means that client and UTN server commu nicate via the UTN port The port number 9200 is preset 55 UTN SSL Port Requirements Tip myUTN User Manual Windows Device Settings Encrypted connection means that client and UTN server communi cate via the UTN SSL port The port number 9443 is preset In order to use an encrypted connection you must enable the port encryp tion see gt 8108 Bails I This UTN port or the UTN SSL port must not be blocked by a firewall If required you can change the port number on the UTN server MI In order that the SEH UTN Managers installed on the clients receive the current port number the SNMPv1 parameter must be activated see 91242 Proceed as follows 1 Start the myUTN Control Center 2 Select DEVICE UTN port 3 Enter the port number into the UTN port or UTN SSL port box 4 Click Save amp Restart to confirm The settings are saved 4 5 How to Assign a Name to a USB Port You can assign any name to the USB port This port name will be dis played in the myUTN Control Center and the SEH UTN Manager If no port name is defined the name of the USB device connected will be displayed Some USB devices have cryptic or ambiguous names Assign a clear description e g the name of a corresponding software to the USB port and thus the USB device This gives you a better overview of the USB devices available in the network Pro
Download Pdf Manuals
Related Search