Español dropdown-ico

Cisco Systems 4.2 manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94

Ir a la página of

manuales de instrucciones parecidos

Buen manual de instrucciones

Las leyes obligan al vendedor a entregarle al comprador, junto con el producto, el manual de instrucciones Cisco Systems 4.2. La falta del manual o facilitar información incorrecta al consumidor constituyen una base de reclamación por no estar de acuerdo el producto con el contrato. Según la ley, está permitido adjuntar un manual de otra forma que no sea en papel, lo cual últimamente es bastante común y los fabricantes nos facilitan un manual gráfico, su versión electrónica Cisco Systems 4.2 o vídeos de instrucciones para usuarios. La condición es que tenga una forma legible y entendible.

¿Qué es un manual de instrucciones?

El nombre proviene de la palabra latina “instructio”, es decir, ordenar. Por lo tanto, en un manual Cisco Systems 4.2 se puede encontrar la descripción de las etapas de actuación. El propósito de un manual es enseñar, facilitar el encendido o el uso de un dispositivo o la realización de acciones concretas. Un manual de instrucciones también es una fuente de información acerca de un objeto o un servicio, es una pista.

Desafortunadamente pocos usuarios destinan su tiempo a leer manuales Cisco Systems 4.2, sin embargo, un buen manual nos permite, no solo conocer una cantidad de funcionalidades adicionales del dispositivo comprado, sino también evitar la mayoría de fallos.

Entonces, ¿qué debe contener el manual de instrucciones perfecto?

Sobre todo, un manual de instrucciones Cisco Systems 4.2 debe contener:
- información acerca de las especificaciones técnicas del dispositivo Cisco Systems 4.2
- nombre de fabricante y año de fabricación del dispositivo Cisco Systems 4.2
- condiciones de uso, configuración y mantenimiento del dispositivo Cisco Systems 4.2
- marcas de seguridad y certificados que confirmen su concordancia con determinadas normativas

¿Por qué no leemos los manuales de instrucciones?

Normalmente es por la falta de tiempo y seguridad acerca de las funcionalidades determinadas de los dispositivos comprados. Desafortunadamente la conexión y el encendido de Cisco Systems 4.2 no es suficiente. El manual de instrucciones siempre contiene una serie de indicaciones acerca de determinadas funcionalidades, normas de seguridad, consejos de mantenimiento (incluso qué productos usar), fallos eventuales de Cisco Systems 4.2 y maneras de solucionar los problemas que puedan ocurrir durante su uso. Al final, en un manual se pueden encontrar los detalles de servicio técnico Cisco Systems en caso de que las soluciones propuestas no hayan funcionado. Actualmente gozan de éxito manuales de instrucciones en forma de animaciones interesantes o vídeo manuales que llegan al usuario mucho mejor que en forma de un folleto. Este tipo de manual ayuda a que el usuario vea el vídeo entero sin saltarse las especificaciones y las descripciones técnicas complicadas de Cisco Systems 4.2, como se suele hacer teniendo una versión en papel.

¿Por qué vale la pena leer los manuales de instrucciones?

Sobre todo es en ellos donde encontraremos las respuestas acerca de la construcción, las posibilidades del dispositivo Cisco Systems 4.2, el uso de determinados accesorios y una serie de informaciones que permiten aprovechar completamente sus funciones y comodidades.

Tras una compra exitosa de un equipo o un dispositivo, vale la pena dedicar un momento para familiarizarse con cada parte del manual Cisco Systems 4.2. Actualmente se preparan y traducen con dedicación, para que no solo sean comprensibles para los usuarios, sino que también cumplan su función básica de información y ayuda.

Índice de manuales de instrucciones

  • Página 1

    Americas Headquarters Cisco Systems, In c. 170 West Tasman Drive San Jose, CA 951 34-1706 USA http://www.ci sco.com Tel: 408 526-4000 800 553-NETS (638 7) Fax: 408 527-0883 Installing and Conf iguring Cisco A ccess Registrar , 4.2 November 20 08 Text Part Number: OL -17221-02[...]

  • Página 2

    THE SPECIFICATION S AND INFORMAT ION REGARDING THE PRODUCTS IN THIS MANU AL ARE SUBJECT T O CHANGE W ITHOUT NOTICE. A LL STATEMENTS , INFORMATION, AND RECOMMENDATI ONS IN THI S MANUAL ARE BE LIEVED TO BE A CCURATE BUT ARE PRESENTED WI THOUT WARRANTY OF ANY KIND, EX PRESS OR IMPLIED. USERS MUST TAKE FULL RESPO NSIBILITY FOR THEIR APPLICAT ION OF ANY[...]

  • Página 3

    iii Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 CONTENTS About This Guide ix Obtaining Documentation ix Cisco.com ix Documentation Feedback x Cisco Product Security Overview x Reporting Security Problems in Cisco Prod ucts x Obtaining Technical Assistance xi Cisco Technica l Support & Documentati on Website xi Submitting[...]

  • Página 4

    Contents iv Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 CHAPTER 2 Installing Cisco Access Registrar 4.2 2-1 Installing the Cisco Access Registrar 4.2 License File 2-1 Installing Cisco Access Re gistrar 4.2 Software on Solaris 2-1 Deciding Where to Install 2-2 Installing Cisco Access Re gistrar Software from CD-ROM 2-2 Instal[...]

  • Página 5

    Contents v Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Installing Cisco Access Registrar Software from CD-ROM 3-14 Common Linux In stallation Steps 3-15 Backup Copy of Original Configuration 3-17 Removing Old VSA Names 3-18 VSA Update Script 3-18 Configuring SNMP 3-19 Configuring SNMP 3-19 Restarting Replication 3-19 CHAPTER[...]

  • Página 6

    Contents vi Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Enabling SNMP in the Cisco Access Regist rar Server 4-14 Stopping the Master Agent 4-14 Modifying the snmpd.con f File 4-14 Access Control 4-15 Trap Recipient 4-15 System Contact Information 4-16 Restarting the Master Agent 4-16 Configuring Dynamic DNS 4-16 Testing Dyna[...]

  • Página 7

    Contents vii Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Configuring Services 5-14 Creating the Services 5-14 Configuring the Script 5-15 Choosing the Scripting Poin t 5-15 Configuring Session Management 5-16 Configuring a Resource Manager 5-16 Creating a Resource Manager 5-16 Configuring a Session Manager 5-17 Creating a Se[...]

  • Página 8

    Contents viii Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02[...]

  • Página 9

    ix Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 About This Guide The Installing and Conf iguring Cisco A ccess Registra r , 4.2, provides informat ion about installing, confi guring, and customizing CAR 4.2. This gu ide is intended to be used by experienced netw ork administrators with w orking kno wledge of the Solaris UNIX [...]

  • Página 10

    x Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 About This Guide Y ou can access internationa l Cisco websites at this URL: http://www .cisco.com/public/cou ntries_languages.shtml Documentation Feedback Y ou can rate and provide feedback about Cisco tech nical documents by completing the onlin e feedback form that appears with[...]

  • Página 11

    xi Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 About This Guide In an emer gency , you can also reach PSIR T by telephone: • 1 877 228-7302 • 1 408 525-6532 Ti p W e encourage you to use Pretty Good Pri v ac y (PGP) or a compatible product (for e xample, GnuPG) to encrypt any sensitiv e information that you send to Ci s [...]

  • Página 12

    xii Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 About This Guide output. Search results sho w an illustration of yo ur product with the serial number labe l location highlighted. Locate the serial numb er label on your product and record the information before placing a service call. Submitting a Service Request Using the on[...]

  • Página 13

    xiii Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 About This Guide Obtaining Additional Publications and Information Information about Cisco products, techno logies, and networ k solutions is av ailable from v arious onlin e and printed sources. • The Cisco Pr oduct Quic k Refer ence Guide is a handy , compact referen ce to[...]

  • Página 14

    xiv Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 About This Guide • W orld-class networking train ing is av ailable from Cisco. Y ou can view curr ent of ferings at this URL: http://www .cisco.com/en/ US/learning/inde x.html[...]

  • Página 15

    CH A P T E R 1-1 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 1 Overview This chapter pro vides an overvi ew of the software instal lation process. Y ou can install the CAR 4.2 software on a machine f or the first ti me, or you can upgrade the existing Cisco AR software on a workstation to CAR 4.2. Y ou might receive the Cisc[...]

  • Página 16

    1-2 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 1 Overvi ew Installation Dialog Overview Installation Location The next questi on in the installation d ialog asks, “W here do you want t o install?” The default location to install the softw are is /opt/C SCOar . Y ou can choose to specify another location by enter[...]

  • Página 17

    1-3 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 1 Overview Downloading Cisco Access Registrar Softw are Example Configuration The installation dialog asks if you want to instal l the example conf iguration. Y ou can use the example configuration to learn a bout Cisco AR an d to refer to the examples that appear later[...]

  • Página 18

    1-4 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 1 Overvi ew Cisco Access Registrar 4.2 Licensing • CSCOar -4.2.1-sol10-k9.tar .gz for Solaris 10 • CSCOar -4.2.1-lnx26-install-K9.sh for RedHat Enterprise Linux (RHEL) 4.0 Complete the follo wing steps to do wnload the software. Step 1 Create a temporary di rectory [...]

  • Página 19

    1-5 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 1 Overview Cisco Access Registrar 4.2 Licensing CAR can be deployed in a t wo-tier architecture—front- end and back-end server . The front-end server performs AAA functions and i t needs the base license and the TPS license. The back-end server performs session mana g[...]

  • Página 20

    1-6 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 1 Overvi ew Cisco Access Registrar 4.2 Licensing If you receiv e a Software License Claim Certif icate, you can get y our Cisco AR lice nse file at one of the two follo wing URLs: • www .cisco.com/go/license Use this site if you are a register ed user of Cisco Connect[...]

  • Página 21

    1-7 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 1 Overview Cisco Access Registrar 4.2 Licensing Displaying License Information Cisco AR provid es two ways of getting license information using aregcmd : • aregcmd command-line optio n • Launching ar egcmd aregcmd Command-Line Option Cisco AR provides a ne w -l comm[...]

  • Página 22

    1-8 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 1 Overvi ew Cisco Access Registrar 4.2 Licensing[...]

  • Página 23

    CH A P T E R 2-1 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 2 Installing Cisco Access Registrar 4.2 This chapter pro vides information about installing CAR 4 .2 software. The softw are is av ailable in CD-R OM form and can also be do wn loaded from the Cisco.com website. The installation instructions dif fer slightly depend[...]

  • Página 24

    2-2 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 2 Insta lling Cisco Access Registrar 4.2 Installing Cisco Access Registrar 4.2 Software on Solaris This section includes the following subsections: • Deciding Wh ere to Inst all • Installing Cisco Access Re gistrar Software from CD-R OM • Installing Do wnloaded So[...]

  • Página 25

    2-3 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 2 Installin g Cisco Access Registrar 4.2 Installing Cisco Access R egistrar 4.2 Software on Solaris Step 3 Use the follo wing command line to u ncompress the tarfi le and extract t he installation package f iles. zcat CSCOar -4.2.1-sol9-K9.tar .gz | tar xvf - Note These[...]

  • Página 26

    2-4 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 2 Insta lling Cisco Access Registrar 4.2 Installing Cisco Access Registrar 4.2 Software on Solaris http://java.sun.com/ Where is the J2RE installed? [?,q] /nfs/insbu-cnstools/java The J2RE is req uired to use the Cisco AR GUI. If you already ha ve a Ja va 2 pl atform in[...]

  • Página 27

    2-5 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 2 Installin g Cisco Access Registrar 4.2 Installing Cisco Access R egistrar 4.2 Software on Solaris Do you want to install these as setuid/setgid files [y,n,?,q] Step 13 Enter Y to install t he setuid/setgid file s . This package contains scripts which will be executed [...]

  • Página 28

    2-6 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 2 Insta lling Cisco Access Registrar 4.2 Installing Cisco Access Registrar 4.2 Software on Linux Configuring SNMP If you choose not to use the SNMP features of CAR, the in stallation process is co mpleted. T o use SNMP features, complete the conf iguration procedure des[...]

  • Página 29

    2-7 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 2 Installin g Cisco Access Registrar 4.2 Installing Cisco Access Registrar 4.2 Software on Linux Deciding Where to Install Before you be gin the software inst allation, you should decide where you want to in stall the ne w software. The default in stallation directory f[...]

  • Página 30

    2-8 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 2 Insta lling Cisco Access Registrar 4.2 Installing Cisco Access Registrar 4.2 Software on Linux Step 3 Enter the name of the script f ile to begin the installation: ./CSCOar -4.2.1-lnx26-install-k9.sh Name : CSCOar Relocations: /opt/CSCOar Version : 4.2.1 Vendor: Cisco[...]

  • Página 31

    2-9 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 2 Installin g Cisco Access Registrar 4.2 Installing Cisco Access Registrar 4.2 Software on Linux Step 7 When prompted whether to install the e xample configur ation no w , enter Y or N to cont inue. Note Y ou can delete the example conf iguration at any time by running [...]

  • Página 32

    2-10 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 2 Insta lling Cisco Access Registrar 4.2 Installing Cisco Access Registrar 4.2 Software on Linux[...]

  • Página 33

    CH A P T E R 3-1 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 3 Upgrading Cisco Access Registrar Software CAR 4.2 supports softw are upgrades from your pre vious ly installed Cisco AR software wh ile preserving your exist ing config uration database. Cisco AR supports an up grade path for both the Solaris or Linux versions of[...]

  • Página 34

    3-2 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 3 Upgrad ing Cisco Access Registrar Softwa re Linux Softwar e Upgrade Ov erview Step 2 If you hav e modif ied the snmpd.conf fi le in the /cisco-ar/ucd-snmp/share /snmp directory , you must back up this fi le before doing the upgrade process. The pkgrm remo ves the snmp[...]

  • Página 35

    3-3 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 3 Upgrading Cisco Access Registra r Software Software Upgrade Task s Step 2 If you hav e modif ied the snmpd.conf fi le in the /cisco-ar/ucd-snmp/share /snmp directory , you must back up this fi le before doing the upgrade process. The pkgrm remov es the snmpd.conf file[...]

  • Página 36

    3-4 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 3 Upgrad ing Cisco Access Registrar Softwa re Software Upgrad e Tasks [ //localhost/Radius/Replication ] RepType = None RepTransactionSyncInterval = 60000 RepTransactionArchiveLimit = 100 RepIPAddress = 0.0.0.0 RepPort = 1645 RepSecret = NotSet RepIsMaster = FALSE RepMa[...]

  • Página 37

    3-5 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 3 Upgrading Cisco Access Registra r Software Software Upgrade Task s 2973: terminated 2971: terminated, wait status 0x000f 2965: terminated Access Registrar Server Agent shutdown complete. # removing /etc/rc.d files # done with preremove. ## Removing pathnames in class [...]

  • Página 38

    3-6 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 3 Upgrad ing Cisco Access Registrar Softwa re Software Upgrad e Tasks Access Registrar Server Agent shutdown complete. # removing /etc/rc.d files # done with preremove. ## Removing pathnames in class <snmp> /opt/CSCOar/ucd-snmp/share/snmp/snmpd.conf /opt/CSCOar/uc[...]

  • Página 39

    3-7 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 3 Upgrading Cisco Access Registra r Software Installing the Cisc o Acc ess Registrar License File 4 processes left.3 processes left.......2 processes left.......k0 processes left.0 processes left Access Registrar Server Agent shutdown complete. Installing the Cisco Acce[...]

  • Página 40

    3-8 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 3 Upgrad ing Cisco Access Registrar Softwa re Upgrading Cisco Ac cess Registrar Solaris Softwar e Installing Cisco Access Registrar Software from CD-ROM The follo wing steps descr ibe ho w to begin th e software inst allation process when installin g software from the C[...]

  • Página 41

    3-9 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 3 Upgrading Cisco Access Registra r Software Upgrading Cisco Acc ess Registrar Solaris Software (sparc) 4.2.1 Copyright (C) 1998-2008 by Cisco Systems, Inc. This program contains proprietary and confidential information. All rights reserved except as may be permitted by[...]

  • Página 42

    3-10 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 3 Upgrad ing Cisco Access Registrar Softwa re Upgrading Cisco Ac cess Registrar Solaris Softwar e Do you want to preserve the local database in /opt/CSCOar [y]: [y,n,?,q] y Step 6 Enter Y to preserv e the local database. The upgrade procedure needs administrator access[...]

  • Página 43

    3-11 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 3 Upgrading Cisco Access Registra r Software Upgrading Cisco Acc ess Registrar Solaris Software inflating: /opt/CSCOar/jakarta-tomcat-4.0.6/webapps/tomcat-docs/RUNNING.txt inflating: /opt/CSCOar/jakarta-tomcat-4.0.6/webapps/tomcat-docs/security-manager-howto.html infla[...]

  • Página 44

    3-12 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 3 Upgrad ing Cisco Access Registrar Softwa re Upgrading Cisco Ac cess Registrar Solaris Softwar e ############################################################### # # A backup copy of your original configuration has been # saved to the file: # # /opt/CSCOar/temp/10062.o[...]

  • Página 45

    3-13 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 3 Upgrading Cisco Access Registra r Software Upgrading Cisco Acc ess Registrar Linux Software # to perform the update. The script is located in: # # /opt/CSCOar/temp/10062.manual-changes # # Review the script to make sure it does not conflict with # any of your VSA cha[...]

  • Página 46

    3-14 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 3 Upgrad ing Cisco Access Registrar Softwa re Upgrading Cisco Access Registrar Linux So ftware cd /opt/CSCOar/bin arserver stop Waiting for these processes to die (this may take some time): AR RADIUS server running (pid: 1403) AR Server Agent running (pid: 29310) AR MC[...]

  • Página 47

    3-15 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 3 Upgrading Cisco Access Registra r Software Upgrading Cisco Acc ess Registrar Linux Software Step 5 Change the permissions of the CSCOar-4.2.1- lnx26-install-k9.sh f ile to make it ex ecutable. chmod 777 CSCOar -4.2.1-lnx26-install-k9.sh T o continue the installation,[...]

  • Página 48

    3-16 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 3 Upgrad ing Cisco Access Registrar Softwa re Upgrading Cisco Access Registrar Linux So ftware Step 5 Enter the di rectory where you have stored the CAR 4.2 license file. Access Registrar provides a Web GUI. It requires J2RE version 1.4.* to be installed on the server.[...]

  • Página 49

    3-17 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 3 Upgrading Cisco Access Registra r Software Upgrading Cisco Acc ess Registrar Linux Software inflating: /opt/CSCOar/jakarta-tomcat-4.0.6/webapps/tomcat-docs/security-manager-howto.html inflating: /opt/CSCOar/jakarta-tomcat-4.0.6/webapps/tomcat-docs/ssl-howto.html crea[...]

  • Página 50

    3-18 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 3 Upgrad ing Cisco Access Registrar Softwa re Upgrading Cisco Access Registrar Linux So ftware Removing Old VSA Names The upgrade p rocess pro vides an analysis of the confi guration database, additio n of ne w database elements, and a search for obsolete VSA names. Wh[...]

  • Página 51

    3-19 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 3 Upgrading Cisco Access Registra r Software Configuring SNMP Step 11 Record the location of the u pgrade messages for future reference. ############################################################## # # These upgrade messages are saved in: # # /opt/CSCOar/temp/10062.u[...]

  • Página 52

    3-20 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 3 Upgrad ing Cisco Access Registrar Softwa re Restarting Replication[...]

  • Página 53

    CH A P T E R 4-1 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 4 Configuring Cisco Access Registrar 4.2 This chapter describe s how to configure a site. Ci sco Access Registrar 4.1 i s very fle xible. Y ou can choose to conf igure it in man y di fferent w ays. In addition, you can wr ite s cripts that can be in voked at dif fe[...]

  • Página 54

    4-2 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 4 Configuring Cisco Access Registrar 4.2 Configuring a Basic Site Y ou can use CAR’ s command completion feature to see what commands are possible from your current directory location in the CAR server hierarchy b y pressing the T ab key . Y ou can also press the T ab[...]

  • Página 55

    4-3 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 4 Configuring Cisco Ac cess Registrar 4.2 Configuring a Basic Site Step 1 Run the aregcmd command: aregcmd Step 2 When asked for “Cluster , ” press Enter . Step 3 Enter your administrat or name and password. When you install CAR software, th e installation process c[...]

  • Página 56

    4-4 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 4 Configuring Cisco Access Registrar 4.2 Configuring a Basic Site Creating Additional Administrators Use the add command to add additional admini strators. Step 1 Use the cd command to change to the Administ rators lev el: cd /Administrators Step 2 Use the add command a[...]

  • Página 57

    4-5 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 4 Configuring Cisco Ac cess Registrar 4.2 Configuring a Basic Site Checking the System-Level Defaults Because this site does not use incoming or outgoing scripts, you do not need to change the scripts’ properties (IncomingScr ipt and OutgoingScript). Since the default[...]

  • Página 58

    4-6 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 4 Configuring Cisco Access Registrar 4.2 Configuring a Basic Site T o conf igure Cisco AR to use port s other than the default ports, complete the follo wing steps: Step 1 Change directory to /Radius/Advanced/P orts . cd /Radius/Adva nced/Ports [ //localhost/Radius/Adva[...]

  • Página 59

    4-7 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 4 Configuring Cisco Ac cess Registrar 4.2 Configuring a Basic Site Cisco AR, by default, specif ies a Service called local-users t hat has the type local and uses the Default UserList ( Figure 4-1 ). Figur e 4-1 Choosing Appr opriat e Services Displaying the Default Use[...]

  • Página 60

    4-8 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 4 Configuring Cisco Access Registrar 4.2 Configuring a Basic Site Description = Password = <encrypted> Enabled = TRUE Group~ = Telnet-users BaseProfile~ = AuthenticationScript~ = AuthorizationScript~ = UserDefined1 = AllowNullPassword = FALSE Attributes/ CheckItem[...]

  • Página 61

    4-9 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 4 Configuring Cisco Ac cess Registrar 4.2 Configuring a Basic Site • PPP-users— uses the BaseProf ile default-P PP-users to specify the attrib utes of PPP service to provide the user . The BaseProfile defaul t-PPP-use rs contains the attributes that are added to the[...]

  • Página 62

    4-10 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 4 Configuring Cisco Access Registrar 4.2 Configuring a Basic Site set IncomingScript ParseServiceHints EnableDynamicA uthorization TR UE EnableNotif ications TR UE The script, ParseServiceHints , checks the username for %PPP or %SLIP . It uses these tags to modify the [...]

  • Página 63

    4-11 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 4 Configuring Cisco Ac cess Registrar 4.2 Configuring a Basic Site When you need to set an attrib ute to a value that includes a space, you must double-quote the v alue, as in the follo wing: set Framed-Routing "192.168.1.0/24 192.168.1. 1" Adding Multiple Ci[...]

  • Página 64

    4-12 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 4 Configuring Cisco Access Registrar 4.2 Configuring a Basic Site Step 2 Use the rel oa d command to reload your server . rel o ad Testing Your Configuration No w that you ha ve conf igured some users and a N AS, you are ready to test your co nfiguratio n. There are tw[...]

  • Página 65

    4-13 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 4 Configuring Cisco Ac cess Registrar 4.2 Configuring Accounting p001 send p002 Step 6 Enter the response identif ier to display the contents of the Access-Accept pac ket: p002 Packet: code = Access-Accept, id = 1, length = 38, attributes = Login-IP-Host = 196.168.1.9[...]

  • Página 66

    4-14 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 4 Configuring Cisco Access Registrar 4.2 Configuring SNMP After you sa ve and reload the CAR server conf iguration, the CAR server writes accounting messages to the accounting.log f ile in th e /opt/CSCOar/log s directory . The CAR server stores information i n the acc[...]

  • Página 67

    4-15 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 4 Configuring Cisco Ac cess Registrar 4.2 Configuring SNMP /opt/CSCOar/bin/arser ver stop Modifying the snmpd.conf File The path to the snmpd.conf file is /cisco-ar/ucd -snmp/share/snmp . Use vi (or another te xt editor) to edit the snmpd.conf fil e. There are three pa[...]

  • Página 68

    4-16 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 4 Configuring Cisco Access Registrar 4.2 Configuring Dynamic DNS Trap Recipient The follo wing e xample sho ws the default co nfigu ration that sets up trap recipients for SNMP v ersions v1 and v2c. Note Most sites use a single NMS, not two as shown belo w . # --------[...]

  • Página 69

    4-17 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 4 Configuring Cisco Ac cess Registrar 4.2 Configuring Dynamic DNS Y ou enable dynamic DNS updates b y creating and conf iguring ne w Resource Managers and ne w RemoteServer s, both of type dynami c-dns. The d ynamic-dns Reso urce Managers specify which zones to use for[...]

  • Página 70

    4-18 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 4 Configuring Cisco Access Registrar 4.2 Configuring Dynamic DNS set IP Address 10.10.10.1 (ip address of primary dns server f or zone) set ForwardZoneTSIGK ey f oo.com set Rev erseZoneTSIGKey f oo.com If the re verse zone wil l be updated and if the primary serv er fo[...]

  • Página 71

    4-19 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 4 Configuring Cisco Ac cess Registrar 4.2 Configuring Dynamic DNS Step 1 Launch aregcmd and log in to the Cisco AR server . cd /opt/CSCOar/bin aregcmd Step 2 Us e the trace command to set the trace to lev el 4. trace 4 Step 3 Launch radclient . cd /opt/CSCOar/bin radcl[...]

  • Página 72

    4-20 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 4 Configuring Cisco Access Registrar 4.2 Configuring Dynamic DNS[...]

  • Página 73

    CH A P T E R 5-1 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 5 Customizing Your Configuration After you ha ve conf igured and tested a basic site, yo u can begin to make changes to better address you r o wn sites’ s needs. This chapter prov ides information th at describes ho w to: • Use groups to s elect the appro priat[...]

  • Página 74

    5-2 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 5 Customizing Yo ur Configuration Configuring Grou ps Creating and Setting Group Membership Step 1 Run the aregcmd command: aregcmd Step 2 Use the cd command to change to the UserGr oups object. cd /Radius/UserGr oups Step 3 Use the add command to create a user group, s[...]

  • Página 75

    5-3 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 5 Custom izing Your Configuration Configuring Group s Configuring a Default Group If you allo w users to request dif ferent Services ba sed on ho w they specify thei r username, you c an use a script to determine th e type of Service to pro vide. F or example, the u ser[...]

  • Página 76

    5-4 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 5 Customizing Yo ur Configuration Configuring Multiple UserLists Step 6 Use the set command to set the user’ s group membership to the name of that group . The follo wing exa mp le set s beth ’ s group membership to th e Default group. set Group Def ault Step 7 Use [...]

  • Página 77

    5-5 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 5 Custom izing Your Configuration Configuring Mu ltiple UserLists Configuring Separate UserLists Di vide your site along organizat ional or compan y lines, and create a UserList fo r each unit. Creating Separate UserLists Step 1 Run the aregcmd command. aregcmd Step 2 U[...]

  • Página 78

    5-6 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 5 Customizing Yo ur Configuration Configuring Multiple UserLists add beth telemarketing 123 TR UE PPP-users Step 3 Repeat for the other users yo u want to add. Y ou can use the script, add-100-users , which is located in the /opt/CSCOar/ examples/cli director y to autom[...]

  • Página 79

    5-7 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 5 Custom izing Your Configuration Configuring Mu ltiple UserLists In this situati on, when beth@North.QuickExample.com makes an Access-Request, the script will strip of f the word North and use it to set the v alue of the en vironment v ariable A uthentication-Service a[...]

  • Página 80

    5-8 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 5 Customizing Yo ur Configuration Configuring a Remote Server for AA Step 3 Use the cd command to change to Scripts . cd /Radius/Scripts Step 4 Use the add command t o add the new script, specifying the name, descriptio n, language , filename and an optional entry point[...]

  • Página 81

    5-9 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 5 Custom izing Your Configuration Configuring a Re mote Server for AA Note Although these services dif fer in the way they handle authentication and au thorization, the procedure for conf iguring a remote serv er is the same independent of its type. F or more informatio[...]

  • Página 82

    5-10 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 5 Customizing Yo ur Configuration Configuring a Remote Server for AA Step 5 Use the set command to specify the protocol ldap : set protocol ldap Step 6 Use the set command to specify the re quired LD AP properties. At the very least you must specify: • IP Address—t[...]

  • Página 83

    5-11 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 5 Custom izing Your Configuration Configuring a Re mote Server for AA Creating Services Step 1 Run the aregcmd command: aregcmd Step 2 Use the cd command to change to the Ser vices lev el: cd /Radius/Services Step 3 Use the add command to add the appropriate LD AP se r[...]

  • Página 84

    5-12 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 5 Customizing Yo ur Configuration Configuring a Remote Server for AA T o hav e Cisco AR perform authentication and authori zation against inf ormation from the LD AP server , you must change the Def aultAuthenticationSer vice and DefaultAuth orizationService at the Rad[...]

  • Página 85

    5-13 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 5 Custom izing Your Configuration Configuring a Re mote Server for AA Figur e 5-2 Using a Scr ipt to Choose a Remote Serv er Ta b l e 5-5 provides an o vervie w of the process. The foll owing sect ions describe the process in more detail. Repe at for each Rem oteServer[...]

  • Página 86

    5-14 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 5 Customizing Yo ur Configuration Configuring a Remote Server for AA Step 4 Use the cd command to change to the North RemoteServ ers lev el: cd /Radius/RemoteServ ers/North Step 5 Use the set command to specify the protocol radius : set protocol radius Step 6 Use the s[...]

  • Página 87

    5-15 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 5 Custom izing Your Configuration Configuring a Re mote Server for AA Step 7 Create another Service (SouthUse rs-ra dius) for the South remote server . Configuring the Script When you hav e multiple RemoteServers, you need a script that dete rmines the authentication a[...]

  • Página 88

    5-16 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 5 Customizing Yo ur Configuration Configuring Sessio n Management Configuring Session Management Y ou can use session management to track user ses sions, and/or alloca te dynamic resources to users for the lifetime of their sessions. Y ou can define one or more Session[...]

  • Página 89

    5-17 Installing and Configuring Cisco A ccess Registrar, 4.2 OL-17221-02 Chapter 5 Custom izing Your Configuration Configuring Session Managemen t Step 1 Run the aregcmd command: aregcmd Step 2 Use the cd command to change to the Resour ceManagers lev el: cd /Radius/ResourceManagers Step 3 Use the add command to add a ne w ResourceManager . The fol[...]

  • Página 90

    5-18 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 Chapter 5 Customizing Yo ur Configuration Configuring Sessio n Management Step 5 Use the set command to specify the ResourceManagers yo u want tracked per user session. Specify a number and the name of the Reso urceManager . N ote, you can list th e ResourceManager objects in [...]

  • Página 91

    IN-1 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 INDEX Symbols %PPP 5-3 %Telnet 5-3 /localhost 4-3 /opt/AICar1/usrb in 4-3 A Access control 4-15 Access Registrar add command 5-2 configuration valid ation 4-11 health 4-5 saving changes 5-2 system defaults 4-5 Access Registrar User’s Guide 5-1 Accounting setting up 4-13 add [...]

  • Página 92

    Index IN-2 Installing and Configuring Ci sco Access Registrar, 4.2 OL-17221-02 Configuring cl ients 4-9 Configuring UserGrou ps 5-1 count-sessions command 4-2 D DefaultAccountingSer vice 4-4 DefaultAu thenticat ionService 4-4, 5-12 DefaultAuthorization Service 4-4, 5-12 Default ports 4-6 default-PPP-users 4-9, 4-10 DefaultS essionManagm ent 4-5 Def[...]

  • Página 93

    Index IN-3 Installing and Configuring Cisc o Access Registrar, 4.2 OL-17221-02 L Launching ar egcmd 1-7 LDAP properties 5-10 server configuration 5-10 service 5-11 License file 2-1 location 1-2 local serv ice 4-6, 5-6 local-user s 4-7 login command 4-2 Login conve ntions 5-3 logout command 4-2 ls command 4-2 M Master agent stopping 4-14, 4-16 Multi[...]

  • Página 94

    Index IN-4 Installing and Configuring Ci sco Access Registrar, 4.2 OL-17221-02 S Sample users 4-7 save command 4-2, 4-11, 5-2, 5-4, 5-8, 5-12, 5-15, 5-18 Saving 4-11 Saving changes 5-2 Scripting Point 5-7 Scripts choosing loc ation 5-7 handling multipl e 5-8 send command 4-12 Server commands 4-2 Server health 4-5 Server virtualization 2-6 Service t[...]