Cisco Systems 4.2 Cd /Radius/Advanced/DDNS/TSIGKeys Add foo.com, Cd ddns Set Protocol dynamic-dns

Page 69

Chapter 4 Configuring Cisco Access Registrar 4.2

Configuring Dynamic DNS

You enable dynamic DNS updates by creating and configuring new Resource Managers and new RemoteServers, both of type dynamic-dns. The dynamic-dns Resource Managers specify which zones to use for the forward and reverse zones and which Remote Servers to use for those zones. The dynamic-dns Remote Servers specify how to access the DNS Servers.

Before you configure Cisco AR you need to gather information about your DNS environment. For a given Resource Manager you must decide which forward zone you will be updating for sessions the resource manager will manage. Given that forward zone, you must determine the IP address of the primary DNS server for that zone. If the dynamic DNS updates will be protected with TSIG keys, you must find out the name and the base64 encoded value of the secret for the TSIG key. If the resource manager should also update the reverse zone (ip address to host mapping) for sessions, you will also need to determine the same information about the primary DNS server for the reverse zone (IP address and TSIG key).

If using TSIG keys, use aregcmd to create and configure the keys. You should set the key in the Remote Server or the Resource Manager, but not both. Set the key on the Remote Server if you want to use the same key for all of the zones accessed through that Remote Server. Otherwise, set the key on the Resource Manager. That key will be used only for the zone specified in the Resource Manager.

To configure Dynamic DNS, complete the following steps:

Step 1 Launch aregcmd.

Step 2 Create the dynamic-dns TSIG Keys:

cd /Radius/Advanced/DDNS/TSIGKeys

add foo.com

This example named the TSIG Key, foo.com, which is related to the name of the example DNS server we use. You should choose a name for TSIG keys that reflects the DDNS client-server pair (for example, foo.bar if the client is foo and the server is bar), but you should use the name of the TSIG Key as defined in the DNS server.

Step 3 Configure the TSIG Key:

cd foo.com

set Secret <base64-encoded string>

The Secret should be set to the same base64-encoded string as defined in the DNS server. If there is a second TSIG Key for the primary server of the reverse zone, follow these steps to add it, too.

Step 4 Use aregcmd to create and configure one or more dynamic-dns Remote Servers.

Step 5 Create the dynamic-dns remote server for the forward zone:

cd /Radius/RemoteServers

add ddns

This example named the remote server ddns which is the related to the remote server type. You can use any valid name for your remote server.

Step 6 Configure the dynamic-dns remote server:

cd ddns

set Protocol dynamic-dns

 

 

Installing and Configuring Cisco Access Registrar, 4.2

 

 

 

 

 

 

OL-17221-02

 

 

4-17

 

 

 

 

 

Image 69
Contents Installing and Configuring Cisco Access Registrar Installing and Configuring Cisco Access Registrar N T E N T S Upgrading Cisco Access Registrar Software Installing Cisco Access Registrar Software from CD-ROM3-14 Creating and Setting Group Membership Configuring Session Management Viii Cisco.com Obtaining DocumentationYou can access international Cisco websites at this URL Reporting Security Problems in Cisco ProductsDocumentation Feedback Cisco Product Security OverviewCisco Technical Support & Documentation Website Obtaining Technical AssistanceDefinitions of Service Request Severity Submitting a Service RequestXiii Obtaining Additional Publications and InformationXiv Installation Type Installation Dialog OverviewLicense File Location Installation LocationJava 2 Runtime Environment Open Database ConnectivityExample Configuration Downloading Cisco Access Registrar SoftwareContinue with Installation Base DirectoryCSCOar-4.2.1-sol10-k9.tar.gz for Solaris Cisco Access Registrar 4.2 LicensingLicense Slabs Getting Cisco Access Registrar 4.2 LicenseLicense slabs available in CAR 4.2 are listed in Table Or stand-byAdding Additional Cisco Access Registrar 4.2 Licenses Installing Cisco Access Registrar 4.2 LicensesSample License File Opt/CSCOar/bin/arserver restartDisplaying License Information Aregcmd Command-Line OptionLaunching aregcmd Aregcmd -l directorynameOL-17221-02 This chapter contains the following sections Installing the Cisco Access Registrar 4.2 License FileDeciding Where to Install Installing Cisco Access Registrar Software from CD-ROMInstalling Downloaded Software Enter the following command to begin the installation Common Solaris Installation StepsFor a full install, press Enter Zcat CSCOar-4.2.1-sol9-K9.tar.gz tar xvfInstalling and Configuring Cisco Access Registrar Enter Y to install the setuid/setgid files Installing Cisco Access Registrar on LDoms Installing Cisco Access Registrar 4.2 Software on LinuxConfiguring Snmp RPC Bind ServicesCp CSCOar-4.2.1-lnx26-install-K9.sh /tmp Common Linux Installation StepsChmod 777 CSCOar-4.2.1-lnx26-install-K9.sh Cd /cdrom/cdrom0/kit/linux-2.4CSCOar-4.2.1-lnx26-install-k9.sh Enter the name of the script file to begin the installationPreparing OL-17221-02 Solaris Software Upgrade Overview Upgrading Cisco Access Registrar SoftwareLinux Software Upgrade Overview Cd /opt Mv AICar1 CSCOarEtc/init.d/arserver restart Software Upgrade Tasks Disabling ReplicationCd /radius/replication Removing the AICar1 Package Pkgrm AICar1Enter y or yes to continue removing the AICar1 package Removing the CSCOar Package Pkgrm CSCOarEnter y or yes to continue removing the CSCOar package Using uninstall-ar to Remove Linux Software Cd /opt/CSCOar/bin Uninstall-arEnter Yes or Y to continue removing the Linux software Upgrading Cisco Access Registrar Solaris Software Installing the Cisco Access Registrar License FileZcat CSCOar-4.2.1-sol9-k9.tar.gz tar xf Http//java.sun.com Where is the J2RE installed? ?,q Enter Y to preserve the local database Enter the administrator userID and passwordBack-up Copy of Original Configuration Removing Old VSA Names VSA Update ScriptUpgrading Cisco Access Registrar Linux Software Opt/CSCOar/dataServer Run the uninstall-ar program as shown below Cd /opt/CSCOar/bin arserver stopCd /cdrom/cdrom0/kit/linux-2.6 Build Date Fri Nov 07 235551 Enter Y to remove old sessions or N to retain old sessions Oraclehome Backup Copy of Original ConfigurationRemoving Old VSA Names Restarting Replication Configuring SnmpOL-17221-02 General Command Syntax Using aregcmdConfiguring a Basic Site Aregcmd CommandsRunning aregcmd Cd //localhost/Administrators Changing the Administrator’s PasswordCd admin Set PasswordCreating Additional Administrators Configuring the Radius ServerCd /Administrators Add jane testadminSet DefaultSessionManager Checking the System-Level DefaultsSelecting Ports to Use Checking the Server’s HealthAdd Displaying the UserListsSave ReloadAdding Users to UserLists Displaying the Default UserListLs -R Add janeSet password jane Use the set command to provide a password for user janeCd /Radius/UserLists/Default Delete beth Displaying UserGroupsAdding a NAS Configuring ClientsCd /Radius/Clients Add QuickExampleNASSetting Radius Attributes Configuring ProfilesCd /Radius/Profiles/Default-PPP-users/Attributes Set Service-Type FramedAdding Multiple Cisco AV Pairs Validating and Using Your ChangesSaving and Reloading Set Framed-Routing 192.168.1.0/24Using radclient Testing Your ConfigurationRadclient -s Simple john johnTroubleshooting Your Configuration Configuring AccountingSetting the Trace Level P001 sendSet Enabled True Enabling Snmp in the Cisco Access Registrar ServerStopping the Master Agent Aregcmd Cd /Radius/Advanced/SNMPCreate a view to enable the groups to have rights Access ControlModifying the snmpd.conf File Opt/CSCOar/bin/arserver stopRestarting the Master Agent Configuring Dynamic DNSTrap Recipient System Contact InformationCd foo.com Set Secret base64-encoded string Cd /Radius/Advanced/DDNS/TSIGKeys Add foo.comCd /Radius/RemoteServers Add ddns Cd ddns Set Protocol dynamic-dnsTesting Dynamic DNS with radclient Cd /Radius/ResourceManagers Add ddnsSave the changes you have made Trace Launch radclient Cd /opt/CSCOar/bin Radclient Cd /opt/CSCOar/bin AregcmdAcctrequest Start username Set p acctrequest Start bobOL-17221-02 Configuring Specific Groups Configuring GroupsCreating and Setting Group Membership Cd /Radius/UserLists/Default/jeanCd /Radius/UserGroups Using a Script to Determine Service Configuring a Default GroupSet Group Default Configuring Multiple UserListsConfiguring Users Configuring Separate UserListsCreating Separate UserLists Populating UserListsConfiguring Services Creating Separate ServicesCreating the Script Client Scripting Configuring the ScriptChoosing the Scripting Point Cd /RadiusConfiguring a Remote Server for AA Handling Multiple ScriptsAdd ParseUserName Rex libParseUserName.so ParseUserName Creating a RemoteServer Configuring the Remote ServerCd /Radius/RemoteServers Add QuickExampleSet protocol ldap Use the set command to specify the protocol ldapCreating Services Add remote-ldap Remote Ldap ServiceSet type ldap Changing the Authentication and Authorization Defaults Configuring Multiple Remote ServersSet DefaultAuthentication remote-ldap Use the set command to change the DefaultAuthorizationConfiguring Two Remote Servers Creating RemoteServersAdd North Creating the Services Set IncomingScript ParseRemoteServers Use the cd command to change to the Scripts objectConfiguring Session Management Configuring a Resource ManagerCreating a Resource Manager Creating a Session Manager Configuring a Session ManagerUse the reload command to reload the Cisco AR server Configuring Session ManagementEnabling Session Management Set 1 rm-100PPP SymbolsDefault ports Default-PPP-users DefaultAuthorizationServiceInstalling CAR on LDoms Overview SolarisRoundRobin policy RPC services MultipleServersPolicy 5-6,5-11,5-14Reloading Reloading server Remote Servers Sample users Save command Transactions per secondDefinition Well-known ports
Related manuals
Manual 214 pages 55.15 Kb Manual 34 pages 46.13 Kb

4.2 specifications

Cisco Systems, a global leader in IT and networking solutions, has consistently evolved to meet the demands of modern enterprises. One of its noteworthy offerings is Cisco Systems 4.2, a version that embodies a significant leap in networking technology and capability. With its rich set of features, Cisco Systems 4.2 caters to a wide range of industries, facilitating enhanced performance and security.

One of the main features of Cisco Systems 4.2 is its improved scalability. The architecture has been designed to support an ever-increasing number of devices and users, making it ideal for growing enterprises. The enhanced scalability allows organizations to expand their network capacities without compromising performance, ensuring seamless integration of new technologies and devices.

Another critical aspect of Cisco Systems 4.2 is its advanced security protocols. With cyber threats constantly evolving, Cisco prioritizes security in this version by offering robust features such as end-to-end encryption, improved firewall capabilities, and enhanced intrusion detection systems. These security enhancements provide organizations with peace of mind, knowing that their sensitive data and networks are well-protected from unauthorized access and potential threats.

Cisco Systems 4.2 also introduces intelligent automation features, which significantly streamline network management. Through the use of artificial intelligence and machine learning, Cisco enables organizations to automate routine tasks, reduce human error, and optimize performance. This automation not only enhances efficiency but also allows IT teams to focus on strategic initiatives rather than day-to-day maintenance.

Moreover, Cisco Systems 4.2 emphasizes infrastructure flexibility. The new architecture supports various deployment models, including on-premises, cloud, and hybrid environments. This flexibility enables organizations to adapt their networking strategies according to their specific needs and operational requirements, facilitating a more tailored approach to IT infrastructure.

Collaboration tools have also been enhanced in this version. Cisco Systems 4.2 integrates advanced communication solutions that empower teams to collaborate in real time, regardless of their geographical location. Features such as high-definition video conferencing, secure messaging, and file sharing enhance productivity and foster innovation across teams.

In summary, Cisco Systems 4.2 stands out as a forward-thinking networking solution with key features such as scalability, advanced security, intelligent automation, flexible infrastructure, and enhanced collaboration tools. These characteristics position Cisco Systems 4.2 as an invaluable asset for enterprises striving for digital transformation in an increasingly interconnected world. The ongoing innovation reflects Cisco's commitment to delivering cutting-edge technology solutions that drive business success and resilience.