Categories
First Robotics

The best Labview shortcuts and tips

Intro
Labview is used for real-time instrument controls and in First Robotics. It is a purely visual programming environment, which is very strange for me. I am a complete Labview amateur. If you’ve read some of my other posts you might see a pattern emerging! But nevertheless I know a few things. Then I use the program so infrequently I forget them. And Labview is the kind of program where you can spend a lot of time that could have been saved if you just knew a better way. So here is the better way…

The most useful Labview shortcuts
– undo the last thing you did. I think you can undo more than just the last by repeating
– remove broken wires
– to toggle between Front panel and Block diagram
– context-sensitive help
– run the VI
and hold-click, then drag mouse and release – do this between two nodes to push them (and everything else) apart. Works horizontally and vertically!
– Select (a node), -click, move mouse nearby and release – to create a duplicate of a node
– Right-click a node, then choose similar items from this function palette – to quickly find a related function

Tips
– Rt-click on wire, then Clean wire – to make it more tidy
– Click while dragging wire, then move the mouse at a right angle – to create a right-angle bend in the wire just where you want it

Labview mentor training
https://decibel.ni.com/content/docs/DOC-21180 This is a really helpful link for mentors as well as students.


The best resource I have found

Team 358 has put together the best resource for FRC teams I have found – every basic- and intermediate-level difficulty thing you’ll need is explained on this one page. Well worth a bookmark. Thank you team 358! http://team358.org/files/programming/ControlSystem2009-/LabVIEW/. (2/2016 update) But see the references for a working link to this page…

That’s about all I know!

References and related
Team 358’s web site is often not working. I have found a working copy on the Wayback machine of their great Labview tutorial: Team 358 Labview tutorial on archive.org

Categories
Admin

Setting up your SSL-VPN Portal on Juniper SA – a Guide for the rest of us

Intro
I was consulting for a company which got a shiny brand new Juniper SA2500. I’ve heard about such things. In fact I heard about it in the days when Netscreen themselves presented it to us. I was impressed at the time and still am. But how to get the thing working when the documentation is pretty formidable? This company was getting off an old Nortel Alteon platform which I was more familiar with. It, too, was very difficult to master at first. you gotta get their paradigm, I suppose. Once you have it, it’s a walk in the park.

The problem we are addressing
Provide secure access to selected external users to selected Intranet sites. Can’t be that hard, right? That’s the bread and butter for these boxes after all. Ha! 1164 pages of documentation and the basic concepts are almost completely lost in the forest.

The details
So I assembled all the important information here in one short, sweet example. I can’t speak for anyone else, but I myself will use this as a reference from now on!

Open source zealots will say that this SA is an overpriced waste of money since everything we’re doing can be done by apache or Squid or tools like that. We’re just setting up reverse proxy with some fancy authentication after all. But I do genuinely think this network appliance is an appropriate expense for a mid- to large-sized company with It staff too busy to investigate “free” alternatives.

To mix things up a bit – everyone has something unique about their use-case, right? – the same SA2500 is to be used for both Network Connect VPN-style connections as well as this SSL-VPN poprtal application. We will associate the SSL-VPN portal with a VIP on the external interface and give it the name ssl-vpn-portal-vip1.drj.com.

Assumptions
I assume there is RSA authentication, though that doesn’t matter much, and that LDAP group-based authorization will be used.

Other assumptions: the desired users, let’s say the company sales force, are in an LDAP group SalesExtranet_access; and that they need access to Intranet sites https://sales-intranet.drj.com/ and http://quality-asurance.johnthedoctor.net/QA/home.htm; my LDAP authentication server has been set up and called LDAP-extranet.

So here goes.

Authentication
Auth. Servers|LDAP-extranet
click Server Catalog
click Search
in filter field: cn=SalesExtranet_access, then Search
click on group name, then OK. It should now be available for roles.

Role Definition
User Roles|New User Role…
Name: SSL-VPN-SalesExtranet-role
Access: Web.
Save Changes

Resource Definition
Resource Profiles|Web|New profile
Name: SSL-VPN-SalesExtranet-profile
Description: Profile for the SalesExtranet_access group. – DrJ 12/3/12
base URL: https://sales-intranet.drj.com/
Save and Continue
add SSL-VPN-SalesExtranet-role

Add 2nd web site w/ different domain to this role
Resource Profile|Web. Pick SSL-VPN-SalesExtranet-profile, then Duplicate
Rename this profile to SSL-VPN-SalesExtranet-profile-QA or similar
Enter correct URL for this new profile: http://quality-asurance.johnthedoctor.net/QA/home.htm

Role to Group Mapping

For me this is the key step that ties all the pieces together, and is a little non-intuitive
User Realms|SSL-VPN-portal-RSA-realm|Role Mapping
New Rule
Rule based on Group membership.
Update
Name: SSL-VPN-SalesExtranet-roleMapping
If User is a member of SalesExtranet_Access. Add
…then assign these roles: SSL-VPN-SalesExtranet-role
Save Changes

Nota Bene
SSL-VPN-portal-page sign-in page has already been set up. This is a one-time setup. This is the place where you can present a custom message to your users.
Signing-in|Sign-in Policies is where we establish the URL for this portal, e.g.,
Put ssl-vpn-portal-vip1.drj.com first in the list of user URLs in the Signing in screen

Certificate Loading
It’s fairly obvious that to stuff a certificate into the SA you go to
Configuration|Certificates|Device Certificates
because where else would it be?
But it’s less obvious that you need to click on the certificate name to associate it with your vlan and possibly external interface. You can even associate the certificate with both an internal virtual interface as well as an external virtual interface. This kind of flexibility is what drew me to the Juniper solution.

Appendix A
Finding the LDAP Group in Novell eDirectory

This threw me for a loop at first. the single most important thing in this case is that group membership is indicated by the attribute member when you’re setting up the LDAP authentication server, even though when you conduct an ldap query you’d think it would be groupMembership. But I think this could vary according to your particular installation.