Serial Connections

You can use a serial connection to connect a computer directly to the SafeNet Luna Network HSM to access the LunaSH command line.You must use a serial connection to perform your initial configuration. Once the network parameters are established, you can switch to an SSH session over your network.

Direct administration connection via serial terminal is the method for initial configuration for the following reasons:

>The specific IP address, randomly assigned to your SafeNet appliance by an automated testing harness during final factory testing, is unknown.

>Configuring network settings via SSH, in addition to requiring the original IP address, necessarily involves losing that connection when a new IP is set.

>A direct serial connection is the only route to log into the "Recover" account, in case you ever lose the appliance's admin password and need to reset. Therefore, you should verify that the connection works before you need it - performing the appliance's network configuration is an ideal test.

>If you ever need to issue the hsm factoryreset command, you must be connected through a local serial console for that command to be accepted.

To open a serial connection:

1.Connect the serial port on the HSM appliance's rear panel to a terminal server, dumb terminal, PC, or laptop, using the supplied Prolific Technology Inc. USB to RJ45 (with 8P8C connector) adapter.

2.If the driver for the Prolific Technology Inc. USB to RJ45 (with 8P8C connector) adapter did not download and install automatically, go to http://www.prolific.com to download and install the PL2303 USB-to-Serial Windows driver.

3.Open Device Manager (Control Panel > HardwareDevice Manager) and expand the Ports (COM and LPT) folder. If the driver installed successfully, an entry is displayed for the Prolific USB-to-Serial Comm Port, followed by the port associated with the adapter. For example:

Prolific USB-to-Serial Comm Port (COM4)

Record the COM port (COM4 in this example) associated with the adapter. You will need this port number when you open a serial connection.

4.Use a terminal emulation package, such as PuTTY, to open a serial connection to the COM port associated with your Prolific USB-to-Serial adapter. Set the serial connection parameters as follows:

Baud rate 115200
Data bits 8
Parity None
Stop bits 1

5.When the connection is made, the HSM appliance login prompt appears: [local_host] login:, where [local_host] is the currently configured host name. The displayed host name is updated when you assign a new host name to your HSM appliance and open a new session.

NOTE   You might need to press ENTER several times to initiate the session. You must log in within two minutes of opening an administration session, or the connection will time out.

Serial Pinout

The Network HSM appliance serial port uses a configuration equivalent to the Cisco Terminal Console. The Prolific Technologies Inc. RJ45-to-USB serial adapter cable uses a standard RJ45 pinout configuration:

NOTE   The Network HSM appliance does not implement serial handshaking, so RTS/CTS (pins 1 and 8) and DSR/DTR (pins 7 and 2) are not used for a successful connection.

The important signals are TxD and RxD (pins 3 and 6).

Troubleshooting

This section contains recommendations for troubleshooting serial connections on the SafeNet Luna Network HSM.

Windows 10 occasionally crashes when trying to detect a serial port

This is a known issue with the Windows 10 PL2303 drivers. If you experience trouble opening a serial connection using Windows 10, use another supported operating system.