Manuals / Cisco Systems / Computer Equipment / Network Card

Cisco Systems 4.2 manual IN-3

Models: 4.2

1 94

Download 94 pages 10.59 Kb

Page 93

IN-3

Index

L

Launching aregcmd			1-7
LDAP
properties		5-10
server configuration 5-10
service	5-11
License file	2-1
location	1-2
local service	4-6,5-6
local-users 4-7
login command		4-2
Login conventions			5-3
logout command		4-2
ls command	4-2

P

Password

changing 4-3

Permissions
setuid/setgid	1-3
Ports 4-5
PPP users 4-7
prev command	4-2
Profile
configuring	4-10

setting base profile 5-2Property commands 4-2pwd command 4-2

		Q
M		query-sessions command 4-2
		query-sessions command 4-2
Master agent		quit command 4-2
stopping	4-14,4-16

MultipleServersPolicy 5-6,5-11,5-14

N

NAS

adding 4-9shared secret 4-9USR 5-16

Navigation commands 4-2

next command 4-2

O

Object commands 4-2

ODBC 1-2

Outage Policy 5-6,5-11

R

radclient
testing configuration				4-12
RADIUS
configuration			4-4
service	5-14
release-sessions command				4-2
reload command		4-2,4-11,5-2,5-4,5-8,5-12,5-15,5-18
Reloading 4-11
Reloading server		5-2
Remote Servers		5-8,5-12
RemoteServers
dynamic-dns 4-16
Resource Managers			5-16
ReverseZoneTSIGKey 4-17
RoundRobin	5-11,5-14
RoundRobin policy			5-11
RPC services	2-6

Installing and Configuring Cisco Access Registrar, 4.2

	OL-17221-02	IN-3

Image 93

Cisco Systems 4.2 manual IN-3

Contents

Installing and Configuring Cisco Access Registrar Americas HeadquartersNovember Cisco Systems, Inc 170 West Tasman Drive San Jose, CACopyright 2007 Cisco Systems, Inc. All rights reserved Installing and Configuring Cisco Access RegistrarOverview C O N T E N T SCisco.com License Slabs3-11 Using pkgrm to Remove Cisco Access Registrar Solaris Software3-12 3-12Using aregcmd Installing Cisco Access Registrar Software from CD-ROMCreating and Setting Group Membership Using a Script to Determine ServiceCreating a RemoteServer Configuring Session Management Configuring Session ManagementContents Installing and Configuring Cisco Access Registrarviii Contents Installing and Configuring Cisco Access RegistrarOL-17221-02 About This Guide Obtaining DocumentationCisco.com Documentation Feedback Reporting Security Problems in Cisco ProductsCisco Product Security Overview For Emergencies only - security-alert@cisco.comObtaining Technical Assistance Cisco Technical Support & Documentation Websitehttp//tools.cisco.com/RPF/register/register.do Definitions of Service Request Severity Submitting a Service Requestxiii Obtaining Additional Publications and InformationInstalling and Configuring Cisco Access Registrar About This GuideOL-17221-02 Installation Type Installation Dialog OverviewOverview C H A P T E RLicense File Location Installation LocationJava 2 Runtime Environment Open Database ConnectivityExample Configuration Downloading Cisco Access Registrar SoftwareContinue with Installation Base DirectoryCSCOar-4.2.1-sol10-k9.tar.gz for Solaris Cisco Access Registrar 4.2 LicensingLicense Slabs Getting Cisco Access Registrar 4.2 LicenseProduct DescriptionAdding Additional Cisco Access Registrar 4.2 Licenses Installing Cisco Access Registrar 4.2 LicensesSample License File opt/CSCOar/bin/arserver restartDisplaying License Information aregcmd Command-Line OptionLaunching aregcmd aregcmd -l directorynameChapter 1 Overview Cisco Access Registrar 4.2 Licensing Installing and Configuring Cisco Access RegistrarOL-17221-02 Installing the Cisco Access Registrar 4.2 License File Installing Cisco Access RegistrarInstalling the Cisco Access Registrar 4.2 License File, page Installing Cisco Access Registrar 4.2 Software on Solaris, pageInstalling Cisco Access Registrar Software from CD-ROM Deciding Where to InstallInstalling Downloaded Software Deciding Where to InstallStep 5 Proceed to Common Solaris Installation Steps Common Solaris Installation Stepszcat CSCOar-4.2.1-sol9-K9.tar.gz tar xvf pkgadd -d /tmp CSCOarStep 9 Enter the directory or mount point where the J2RE is installed Step 14 Enter Y to continue with the software installation Step 13 Enter Y to install the setuid/setgid filesChapter 2 Installing Cisco Access Registrar Installing Cisco Access Registrar 4.2 Software on SolarisInstalling Cisco Access Registrar on LDoms Installing Cisco Access Registrar 4.2 Software on LinuxConfiguring SNMP RPC Bind Servicescp CSCOar-4.2.1-lnx26-install-K9.sh /tmp Common Linux Installation Stepschmod 777 CSCOar-4.2.1-lnx26-install-K9.sh cd /cdrom/cdrom0/kit/linux-2.4Build Date Mon Nov 03 235551 CSCOar-4.2.1-lnx26-install-k9.shBuild Host spencer.cnslab.cisco.com Copyright CChapter 2 Installing Cisco Access Registrar Configuring SNMPInstalling Cisco Access Registrar 4.2 Software on Linux Installing and Configuring Cisco Access RegistrarChapter 2 Installing Cisco Access Registrar 2-10Installing Cisco Access Registrar 4.2 Software on Linux Installing and Configuring Cisco Access RegistrarSolaris Software Upgrade Overview, page Solaris Software Upgrade OverviewLinux Software Upgrade Overview, page Software Upgrade Tasks, page Installing the Cisco Access Registrar License File, pageSee Using pkgrm to Remove Cisco Access Registrar Solaris Software Linux Software Upgrade Overviewcd /opt mv AICar1 CSCOar etc/init.d/arserver restartDisabling Replication Software Upgrade Taskscd /radius/replication etc/init.d/arserver restartUsing pkgrm to Remove Cisco Access Registrar Solaris Software Removing the AICar1 Packagepkgrm AICar1 pkgrm CSCOar Removing the CSCOar PackageChapter 3 Upgrading Cisco Access Registrar Software Software Upgrade Taskscd /opt/CSCOar/bin uninstall-ar Using uninstall-ar to Remove Linux SoftwareUpgrading Cisco Access Registrar Solaris Software Installing the Cisco Access Registrar License FileDeciding Where to Install, page Installing Cisco Access Registrar Software from CD-ROM, pageInstalling Cisco Access Registrar Software from CD-ROM zcat CSCOar-4.2.1-sol9-k9.tar.gz tar xfInstalling Downloaded Software Common Solaris Installation StepsStep 1 For a full install, press Enter Step 7 Enter the administrator userID and password 3-10Step 9 Enter Y to install the setuid/setgid files Step 10 Enter Y to continue with the software installation3-11 Back-up Copy of Original ConfigurationConfiguring SNMP If you choose not to use the SNMP features of CAR, the installation process is completed. To use SNMP features, complete the configuration procedure described in Configuring SNMPVSA Update Script Removing Old VSA Names3-12 Using uninstall-ar to Remove Linux Software, page Upgrading Cisco Access Registrar Linux SoftwareCommon Linux Installation Steps, page opt/CSCOar/datacp CSCOar-4.2.1-lnx26-install-k9.sh /tmp uninstall-arcd /opt/CSCOar/bin arserver stop cd /cdrom/cdrom0/kit/linux-2.6CSCOar-4.2.1-lnx26-install-K9.sh chmod 777 CSCOar-4.2.1-lnx26-install-k9.sh3-15 Common Linux Installation Stepsdirectory where it is installed 3-163-17 Backup Copy of Original Configurationopt/CSCOar/jakarta-tomcat-4.0.6/webapps/tomcat-docs/ssl-howto.html PreparingVSA Update Script 3-18Chapter 3 Upgrading Cisco Access Registrar Software Upgrading Cisco Access Registrar Linux SoftwareRestarting Replication Configuring SNMP3-19 Configuring SNMPChapter 3 Upgrading Cisco Access Registrar Software 3-20Installing and Configuring Cisco Access Registrar Restarting ReplicationUsing aregcmd Configuring Cisco Access RegistrarGeneral Command Syntax Using aregcmd, page Configuring a Basic Site, pageConfiguring a Basic Site aregcmd CommandsRunning aregcmd cd //localhost/Administrators Changing the Administrator’s Passwordcd admin set PasswordCreating Additional Administrators Configuring the RADIUS Servercd /Administrators add jane testadminset DefaultSessionManager Checking the System-Level DefaultsSelecting Ports to Use Checking the Server’s HealthStep 1 Change directory to /Radius/Advanced/Ports Displaying the UserListscd /Radius/Advanced/Ports add add lsAdding Users to UserLists Displaying the Default UserListls -R add janecd /Radius/UserLists/Default delete beth set password janeDisplaying UserGroups Deleting UsersAdding a NAS Configuring Clientscd /Radius/Clients add QuickExampleNASSetting RADIUS Attributes Configuring Profilesset IncomingScript ParseServiceHints EnableDynamicAuthorization TRUE EnableNotifications TRUEAdding Multiple Cisco AV Pairs Validating and Using Your ChangesSaving and Reloading set Framed-Routing 192.168.1.0/24Using radclient Testing Your Configurationradclient -s simple john johnTroubleshooting Your Configuration Configuring AccountingSetting the Trace Level p001 sendset Enabled TRUE Enabling SNMP in the Cisco Access Registrar ServerStopping the Master Agent aregcmd cd /Radius/Advanced/SNMPModifying the snmpd.conf File Access Controlopt/CSCOar/bin/arserver stop 4-15Restarting the Master Agent Configuring Dynamic DNSTrap Recipient System Contact Informationcd foo.com set Secret base64-encoded string cd /Radius/Advanced/DDNS/TSIGKeys add foo.comcd /Radius/RemoteServers add ddns cd ddns set Protocol dynamic-dnsset IPAddress 10.10.10.1 ip address of primary dns server for zone Testing Dynamic DNS with radclientset ForwardZoneTSIGKey foo.com set ReverseZoneTSIGKey foo.com cd /Radius/ResourceManagers add ddnstrace Step 3 Launch radclient cd /opt/CSCOar/bin radclient cd /opt/CSCOar/bin aregcmdacctrequest Start username set p acctrequest Start bobChapter 4 Configuring Cisco Access Registrar Configuring Dynamic DNS 4-20Installing and Configuring Cisco Access Registrar OL-17221-02Configuring Groups Customizing Your ConfigurationConfiguring Specific Groups C H A P T E Radd PPP-users Users who always connect using PPP default-PPP-users Creating and Setting Group Membershipcd /Radius/UserLists/Default/jean ObjectUsing a Script to Determine Service Configuring a Default Groupcd /Radius/UserGroups/Default set AuthorizationScript AuthorizeServiceset Group Default Configuring Multiple UserListssave reloadConfiguring Users Configuring Separate UserListsCreating Separate UserLists Populating UserListsCreating Separate Services Configuring Servicescd /Radius/Services cd /Radius/Services/North-usersClient Scripting Configuring the ScriptChoosing the Scripting Point cd /RadiusHandling Multiple Scripts Configuring a Remote Server for AAadd ParseUserName Rex libParseUserName.so ParseUserName Save tcl scripts in the directory /opt/CSCOar/scripts/radius/tclCreating a RemoteServer Configuring the Remote Servercd /Radius/RemoteServers add QuickExampleset protocol ldap set UserPasswordAttribute passwordset Port 5-10add remote-ldap Remote LDAP Service Creating Servicesset type ldap 5-11Changing the Authentication and Authorization Defaults Configuring Multiple Remote Serversset DefaultAuthentication remote-ldap set DefaultAuthorization remote-ldapCreating RemoteServers Configuring Two Remote Serversadd North 5-13cd /Radius/RemoteServers/North Creating the Servicesset protocol radius set SharedSecret5-15 set IncomingScript ParseRemoteServersConfiguring the Script Choosing the Scripting PointConfiguring a Resource Manager Configuring Session ManagementCreating a Resource Manager 5-16Creating a Session Manager Configuring a Session Managercd /Radius/ResourceManagers add rm-100Enabling Session Management Configuring Session Managementset 1 rm-100 5-18Symbols I N D EIN-1 IN-2 Failover policyJava 2 Platform IN-3 IN-4