Network Services

In addition to providing a IPv4 networking stack, Lantronix gateways also include support for a number of networking protocols and services that deliver a complete network communications offload engine in network co-processor mode. The production ready services work together in wireless microcontroller mode to minimize required application development.

You can configure, start, and stop the clients and servers using the available management interfaces.

DHCP Client

The DHCP client obtains an IP address and other networking parameters when attempting to make a connection on either the wlan0 or eth0 interfaces. Configure the DHCP client for the interfaces by accessing the network interface configuration group for the respective interface.

By default, the interfaces are configured for DHCP mode versus static IP mode.

In Web Manager, go to Network and select eth0 > Interface > Configuration or wlan0 > Interface > Configuration.

For the CLI, see Config Interface level.

For XML, see configgroup interface.

DHCP Server

The DHCP server assigns an IP address to a client attempting to make a connection on the ap0 interface.

Enable the ap0 interface in order for the DHCP server to assign IP addresses to clients connecting on ap0.

See SoftAP for configuration settings and more information.

In Web Manager, go to Network and select ap0 > Interface > Configuration.

For the CLI, see Config Interface level.

For XML, see configgroup interface.

DNS Client

The DNS client resolves and caches the DNS domain name to IP address mapping.

It communicates with the DNS server addresses configured statically or obtained via DHCP within the wlan0 or eth0 interface.

You can configure the Primary DNS and Secondary DNS to define the DNS servers that will be used when performing a domain name lookup.

In Web Manager, go to Network > eth0 or wlan0 > Interface > Configuration.

For the CLI, go to Config Interface level.

For XML, go to configgroup interface.

DNS Server

The DNS performs a redirect when the WLAN client connected to the SoftAP interface issues a DNS request. DNS resolves the request to the SoftAP IP address.

HTTP(S) Server

The HTTP server is used to store, process, and deliver web pages to the Web UI client using HTTP. It also serves resources such as HTML pages, Javascript files, images, etc. to web browser based applications or network applications that utilize the HTTP protocol for communication.

The HTTP server can be configured with TLS to provide secure HTTP communication.

HTTP Server Configuration

You can configure the following HTTP Server settings:

  • Set the operation mode. The HTTP server can be enabled, disabled, or triggered by the CPM role. For details on configurable pins, see CPM.
  • Specify the TLS credential to be used. For details on TLS credentials, see Data Communication Security (TLS).
  • Set the authentication timeout value if Digest Authentication is in use.
  • Specify the Inactivity Timeout for Standby Power mode. For details on managing power settings, see Power Management.

To configure the HTTP server:

In Web Manager, go to HTTP Server > Configuration.

In CLI, see Config HTTP Server Level.

In XML, see configgroup HTTP server.

HTTP Server Configuration Settings

The following table describes the Web Manager HTTP Server configuration settings.

Links to the equivalent settings for the CLI and XML reference are listed below.

In CLI, see Config HTTP Server Level.

In XML, see configgroup HTTP server.

Changes to HTTP Server take effect after reboot.

HTTP Settings Description
Mode Enables or disables the HTTP server.
Choices are:
Enabled
Disabled
Triggered - HTTP Server will wait for the CPM Role to become active. Then the HTTP server stays up indefinitely.
Port HTTP server port number. Default is 80. Clearing the field will restore the default. Enter 0 for none.
Secure Port Secure port number. Enter 0 for none. The default Secure Port (TLS) can be overridden.
Secure Credential TLS server credential. It may contain up to 30 characters. The secure credential specifies the name of the TLS Server Credential to be used for the secure connection.
Authentication Timeout The Authentication Timeout value is applied only if Digest authentication is being used.
Inactivity Timeout The amount of time the HTTP server will hold power on after completing a request. This setting only applies if HTTP Server is enabled in Power settings. The HTTP Server will hold power on this long after it completes a request.

HTTP Server Security Access Control

HTTP Server security provides role-based access control enabling you to assign authentication directives to specific URIs. You can control access to built-in URIs, such as "/tlog" or "/upgrade", or ones that you create, such as a "/welcome" URI.

To assign access control to specific URIs, you specify the authentication type (what type of passphrase is required) and the user level (Admin, Tech, or User). The access control is hierarchical; Admin can access URIs assigned to Admin or below, while Tech can access URIs assigned to Tech or User level, and User can only access URIs granted to User level. Additionally, the Tech user level can only see URIs associated with their assigned Zone(s). See User Management for more details on zones.

The permission settings of a URI are passed on to the child folders of that URI, unless you set a different permission directive for a child folder. The directive will override the parent folder's access control setting.

Built-in URIs

The following URIs are built in to the server:

URI Description
/ajax Web Manager
/fs File System Web API
/logout Digest Authentication
/mux_http Mux Listener
/tlog Trouble Log
/upgrade Firmware Upgrade
/export/status Export status
/export/config Export configuration
/import/config Import configuration
/action/status Web API actions

To configure HTTP server security access control:

  1. Enter a URI, starting with / and configure the authentication type and user level.
  2. If you have not created a Tech level user or User level user, do so now. See User Management for details.
  3. If necessary, create the URI and add an html file to the file system. See File System. If you configured access control on a built-in URI, you can skip this step.
  4. Test the authorization levels by pointing the browser to the specified URI (/URI) and logging in with the appropriate user level.

For Web Manager, go to HTTP Server > Security.

For CLI, see Config HTTP Server Security Level.

For XML, see configgroup HTTP Server Security.

SNTP Client

The Simple Network Time Protocol (SNTP) client synchronizes with the Network Time Protocol (NTP) server. NTP is an Internet protocol used to synchronize computer clocks to a single time reference.

You can configure the Clock settings to update according to NTP or to update manually. For information on how to set the clock, see Date and Time.

You can also view and set the SNTP client configuration. See NTP.

SMTP Client

The Simple Mail Transfer Protocol (SMTP) client is used to configure an email message to be sent using an external SMTP server.

The SMTP client is available only through the CLI. To configure an email message, see Status SMTP level.

Example usage follows:

Send <ssl server hostname>
<username>
<password>
<from mail address>
<first recipient mail address>
[optional second recipient mail address]
[...] <-- Empty line ends recipient list
<subject>
<first line of body>
[optional second line of body]
[...] <-- Empty line ends body

TCP Client

The TCP client initiates a Tunnel connection with a TCP server that is listening on a designated port for a request.

TCP connections can use AES or TLS to encrypt the data stream. To configure the connection using either of these encryption types, you will need to supply an AES credential or TLS credential.

To configure TCP connections, see TruPort Serial.

TCP Server

The TCP server accepts Tunnel connection requests initiated by a TCP client.

TCP connections can use AES or TLS to encrypt the data stream. To configure the connection using either of these encryption types, you will need to supply an AES credential or TLS credential.

To configure TCP connections, see TruPort Serial.

UDP Client and Server

User Datagram Protocol (UDP) can be used to provide an alternative transport-layer protocol for Tunnel connections.

You can configure Tunnel to use UDP protocol. The reception setting can be "restricted" or "unrestricted." When it is set to "restricted," UDP packets will only be accepted from the address and port designated by the Host Address and Port. The remote address and port of the first received packet are taken as designated until the socket is closed. When it is set to "unrestricted," UDP packets from any IP address will be accepted as long as they are directed to the local Port.

To configure UDP, see TruPort Serial.

TLS Client

TLS can be configured for TCP tunnel connections or Socket (Mux).

TLS can be configured with HTTP to provide a secure HTTP server. For details on setting up TLS with HTTP, see HTTPS Server.

To configure TLS, you create a TLS credential that contains the security details such as the certificate, private key, and trusted authority, as needed.

The TLS protocol version must be one of the following combinations:

  • TLS 1.0
  • TLS 1.1
  • TLS 1.2
  • TLS 1.1, TLS 1.2
  • TLS 1.0, TLS 1.1, TLS 1.2

To set up a TLS client for a tunnel or Mux connection, specify the TLS credential as part of the connection settings.

See TruPort Serial or TruPort Socket for details on how to set up these connections.

TLS Server

TLS can be configured for TCP tunnel connections or Socket (Mux).

To configure TLS, you create a TLS credential that contains the security details such as the certificate, private key, and trusted authority, as needed.

The TLS protocol version must be one of the following combinations:

  • TLS 1.0
  • TLS 1.1
  • TLS 1.2
  • TLS 1.1, TLS 1.2
  • TLS 1.0, TLS 1.1, TLS 1.2

To set up a TLS server for a TruPort Serial (tunnel) or TruPort Socket (Mux) connection, specify the TLS credential as part of the connection settings.

See TruPort Serial or TruPort Socket for details on how to set up these connections.

Network Discovery

Network discovery allows applications on the network to discover the Lantronix gateway. An application such as DeviceInstaller issues discovery queries according to the Lantronix Discovery Protocol operating on UDP port 30718 (0x77FE).

To allow applications to discover the device, you enable the Discovery Query Port parameter for the network interface instances. Discovery is enabled by default.

To prevent applications from discovering the device, you disable the Query Port parameter for the network interface instances.

In Web Manager, go to Discovery > ap0 or eth0 or wlan0 > Configuration. Enable or disable the query port state.

For the CLI, see Config Discovery level.

For XML, see configgroup Discovery.

CLI Server

The CLI Server allows you to access the command mode remotely over the network using Telnet. By default, the CLI Server is disabled and remote access to the command line is not available. To connect using Telnet, the CLI server must be enabled in the configuration.

To configure the CLI Server:

In Web Manager, go to CLI Server > Configuration.

For CLI, see Config CLI Server Level.

For XML, see configgroup CLI Server.