Manuals / Cisco Systems / Computer Equipment / Network Card

Cisco Systems 4.2 manual About This Guide, Installing and Configuring Cisco Access Registrar

Models: 4.2

1 94

Download 94 pages 10.59 Kb

Page 14

Image 14

About This Guide

•World-class networking training is available from Cisco. You can view current offerings at this URL:

http://www.cisco.com/en/US/learning/index.html

Installing and Configuring Cisco Access Registrar, 4.2

	xiv	OL-17221-02

Page 14

Image 14

Cisco Systems 4.2 manual About This Guide, Installing and Configuring Cisco Access Registrar, OL-17221-02

Contents

November Americas HeadquartersInstalling and Configuring Cisco Access Registrar Cisco Systems, Inc 170 West Tasman Drive San Jose, CAInstalling and Configuring Cisco Access Registrar Copyright 2007 Cisco Systems, Inc. All rights reservedCisco.com C O N T E N T SOverview License Slabs3-12 Using pkgrm to Remove Cisco Access Registrar Solaris Software3-11 3-12Installing Cisco Access Registrar Software from CD-ROM Using aregcmdCreating a RemoteServer Creating and Setting Group MembershipUsing a Script to Determine Service Contents Configuring Session ManagementConfiguring Session Management Installing and Configuring Cisco Access RegistrarOL-17221-02 viiiContents Installing and Configuring Cisco Access Registrar Cisco.com About This GuideObtaining Documentation Cisco Product Security Overview Reporting Security Problems in Cisco ProductsDocumentation Feedback For Emergencies only - security-alert@cisco.comhttp//tools.cisco.com/RPF/register/register.do Obtaining Technical AssistanceCisco Technical Support & Documentation Website Submitting a Service Request Definitions of Service Request SeverityObtaining Additional Publications and Information xiiiOL-17221-02 Installing and Configuring Cisco Access RegistrarAbout This Guide Overview Installation Dialog OverviewInstallation Type C H A P T E RJava 2 Runtime Environment Installation LocationLicense File Location Open Database ConnectivityContinue with Installation Downloading Cisco Access Registrar SoftwareExample Configuration Base DirectoryCisco Access Registrar 4.2 Licensing CSCOar-4.2.1-sol10-k9.tar.gz for SolarisProduct Getting Cisco Access Registrar 4.2 LicenseLicense Slabs DescriptionSample License File Installing Cisco Access Registrar 4.2 LicensesAdding Additional Cisco Access Registrar 4.2 Licenses opt/CSCOar/bin/arserver restartLaunching aregcmd aregcmd Command-Line OptionDisplaying License Information aregcmd -l directorynameOL-17221-02 Chapter 1 Overview Cisco Access Registrar 4.2 LicensingInstalling and Configuring Cisco Access Registrar Installing the Cisco Access Registrar 4.2 License File, page Installing Cisco Access RegistrarInstalling the Cisco Access Registrar 4.2 License File Installing Cisco Access Registrar 4.2 Software on Solaris, pageInstalling Downloaded Software Deciding Where to InstallInstalling Cisco Access Registrar Software from CD-ROM Deciding Where to Installzcat CSCOar-4.2.1-sol9-K9.tar.gz tar xvf Common Solaris Installation StepsStep 5 Proceed to Common Solaris Installation Steps pkgadd -d /tmp CSCOarStep 9 Enter the directory or mount point where the J2RE is installed Chapter 2 Installing Cisco Access Registrar Step 13 Enter Y to install the setuid/setgid filesStep 14 Enter Y to continue with the software installation Installing Cisco Access Registrar 4.2 Software on SolarisConfiguring SNMP Installing Cisco Access Registrar 4.2 Software on LinuxInstalling Cisco Access Registrar on LDoms RPC Bind Serviceschmod 777 CSCOar-4.2.1-lnx26-install-K9.sh Common Linux Installation Stepscp CSCOar-4.2.1-lnx26-install-K9.sh /tmp cd /cdrom/cdrom0/kit/linux-2.4Build Host spencer.cnslab.cisco.com CSCOar-4.2.1-lnx26-install-k9.shBuild Date Mon Nov 03 235551 Copyright CInstalling Cisco Access Registrar 4.2 Software on Linux Configuring SNMPChapter 2 Installing Cisco Access Registrar Installing and Configuring Cisco Access RegistrarInstalling Cisco Access Registrar 4.2 Software on Linux 2-10Chapter 2 Installing Cisco Access Registrar Installing and Configuring Cisco Access RegistrarLinux Software Upgrade Overview, page Software Upgrade Tasks, page Solaris Software Upgrade OverviewSolaris Software Upgrade Overview, page Installing the Cisco Access Registrar License File, pagecd /opt mv AICar1 CSCOar Linux Software Upgrade OverviewSee Using pkgrm to Remove Cisco Access Registrar Solaris Software etc/init.d/arserver restartcd /radius/replication Software Upgrade TasksDisabling Replication etc/init.d/arserver restartpkgrm AICar1 Using pkgrm to Remove Cisco Access Registrar Solaris SoftwareRemoving the AICar1 Package Chapter 3 Upgrading Cisco Access Registrar Software Removing the CSCOar Packagepkgrm CSCOar Software Upgrade TasksUsing uninstall-ar to Remove Linux Software cd /opt/CSCOar/bin uninstall-arDeciding Where to Install, page Installing the Cisco Access Registrar License FileUpgrading Cisco Access Registrar Solaris Software Installing Cisco Access Registrar Software from CD-ROM, pageInstalling Downloaded Software zcat CSCOar-4.2.1-sol9-k9.tar.gz tar xfInstalling Cisco Access Registrar Software from CD-ROM Common Solaris Installation StepsStep 1 For a full install, press Enter Step 9 Enter Y to install the setuid/setgid files 3-10Step 7 Enter the administrator userID and password Step 10 Enter Y to continue with the software installationConfiguring SNMP Back-up Copy of Original Configuration3-11 If you choose not to use the SNMP features of CAR, the installation process is completed. To use SNMP features, complete the configuration procedure described in Configuring SNMP3-12 VSA Update ScriptRemoving Old VSA Names Common Linux Installation Steps, page Upgrading Cisco Access Registrar Linux SoftwareUsing uninstall-ar to Remove Linux Software, page opt/CSCOar/datacd /opt/CSCOar/bin arserver stop uninstall-arcp CSCOar-4.2.1-lnx26-install-k9.sh /tmp cd /cdrom/cdrom0/kit/linux-2.63-15 chmod 777 CSCOar-4.2.1-lnx26-install-k9.shCSCOar-4.2.1-lnx26-install-K9.sh Common Linux Installation Steps3-16 directory where it is installedopt/CSCOar/jakarta-tomcat-4.0.6/webapps/tomcat-docs/ssl-howto.html Backup Copy of Original Configuration3-17 PreparingChapter 3 Upgrading Cisco Access Registrar Software 3-18VSA Update Script Upgrading Cisco Access Registrar Linux Software3-19 Configuring SNMPRestarting Replication Configuring SNMPInstalling and Configuring Cisco Access Registrar 3-20Chapter 3 Upgrading Cisco Access Registrar Software Restarting ReplicationGeneral Command Syntax Configuring Cisco Access RegistrarUsing aregcmd Using aregcmd, page Configuring a Basic Site, pageRunning aregcmd Configuring a Basic Sitearegcmd Commands cd admin Changing the Administrator’s Passwordcd //localhost/Administrators set Passwordcd /Administrators Configuring the RADIUS ServerCreating Additional Administrators add jane testadminSelecting Ports to Use Checking the System-Level Defaultsset DefaultSessionManager Checking the Server’s Healthcd /Radius/Advanced/Ports Displaying the UserListsStep 1 Change directory to /Radius/Advanced/Ports add add lsls -R Displaying the Default UserListAdding Users to UserLists add janeDisplaying UserGroups set password janecd /Radius/UserLists/Default delete beth Deleting Userscd /Radius/Clients Configuring ClientsAdding a NAS add QuickExampleNASset IncomingScript ParseServiceHints EnableDynamicAuthorization TRUE Configuring ProfilesSetting RADIUS Attributes EnableNotifications TRUESaving and Reloading Validating and Using Your ChangesAdding Multiple Cisco AV Pairs set Framed-Routing 192.168.1.0/24radclient -s Testing Your ConfigurationUsing radclient simple john johnSetting the Trace Level Configuring AccountingTroubleshooting Your Configuration p001 sendStopping the Master Agent Enabling SNMP in the Cisco Access Registrar Serverset Enabled TRUE aregcmd cd /Radius/Advanced/SNMPopt/CSCOar/bin/arserver stop Access ControlModifying the snmpd.conf File 4-15Trap Recipient Configuring Dynamic DNSRestarting the Master Agent System Contact Informationcd /Radius/RemoteServers add ddns cd /Radius/Advanced/DDNS/TSIGKeys add foo.comcd foo.com set Secret base64-encoded string cd ddns set Protocol dynamic-dnsset ForwardZoneTSIGKey foo.com set ReverseZoneTSIGKey foo.com Testing Dynamic DNS with radclientset IPAddress 10.10.10.1 ip address of primary dns server for zone cd /Radius/ResourceManagers add ddnsacctrequest Start username cd /opt/CSCOar/bin aregcmdtrace Step 3 Launch radclient cd /opt/CSCOar/bin radclient set p acctrequest Start bobInstalling and Configuring Cisco Access Registrar 4-20Chapter 4 Configuring Cisco Access Registrar Configuring Dynamic DNS OL-17221-02Configuring Specific Groups Customizing Your ConfigurationConfiguring Groups C H A P T E Rcd /Radius/UserLists/Default/jean Creating and Setting Group Membershipadd PPP-users Users who always connect using PPP default-PPP-users Objectcd /Radius/UserGroups/Default Configuring a Default GroupUsing a Script to Determine Service set AuthorizationScript AuthorizeServicesave Configuring Multiple UserListsset Group Default reloadCreating Separate UserLists Configuring Separate UserListsConfiguring Users Populating UserListscd /Radius/Services Configuring ServicesCreating Separate Services cd /Radius/Services/North-usersChoosing the Scripting Point Configuring the ScriptClient Scripting cd /Radiusadd ParseUserName Rex libParseUserName.so ParseUserName Configuring a Remote Server for AAHandling Multiple Scripts Save tcl scripts in the directory /opt/CSCOar/scripts/radius/tclcd /Radius/RemoteServers Configuring the Remote ServerCreating a RemoteServer add QuickExampleset Port set UserPasswordAttribute passwordset protocol ldap 5-10set type ldap Creating Servicesadd remote-ldap Remote LDAP Service 5-11set DefaultAuthentication remote-ldap Configuring Multiple Remote ServersChanging the Authentication and Authorization Defaults set DefaultAuthorization remote-ldapadd North Configuring Two Remote ServersCreating RemoteServers 5-13set protocol radius Creating the Servicescd /Radius/RemoteServers/North set SharedSecretConfiguring the Script set IncomingScript ParseRemoteServers5-15 Choosing the Scripting PointCreating a Resource Manager Configuring Session ManagementConfiguring a Resource Manager 5-16cd /Radius/ResourceManagers Configuring a Session ManagerCreating a Session Manager add rm-100set 1 rm-100 Configuring Session ManagementEnabling Session Management 5-18IN-1 SymbolsI N D E Java 2 Platform IN-2Failover policy IN-3 IN-4