Installing and Configuring Cisco Access Registrar 5.0
Chapter 2 Installing Cisco Access Registrar
Downloads: This chapterpdf (PDF - 173.0KB) The complete bookPDF (PDF - 1.95MB) | Feedback

Installing Cisco Access Registrar 5.0

Table Of Contents

Installing Cisco Access Registrar 5.0

Installing the Cisco Access Registrar 5.0 License File

Installing Cisco Access Registrar 5.0 Software on Solaris

Deciding Where to Install

Installing Cisco Access Registrar Software from CD-ROM

Installing Downloaded Software

Common Solaris Installation Steps

Configuring SNMP

RPC Bind Services

Installing Cisco Access Registrar on LDoms

Installing Cisco Access Registrar 5.0 Software on Linux

Deciding Where to Install

Installing Cisco Access Registrar Software from CD-ROM

Common Linux Installation Steps

Configuring SNMP


Installing Cisco Access Registrar 5.0


This chapter provides information about installing CAR 5.0 software. The software is available in CD-ROM form and can also be downloaded from the Cisco.com website. The installation instructions differ slightly depending on whether you install the software from the Cisco AR CD-ROM or from downloaded software.

As a prerequisite for the patch installation of CAR 5.0.0.1, the compatible SCTP library should be installed in /usr/lib/ "libsctp.so" file for both Solaris 10 and RHEL 5.3/5.4/5.5. This prerequisite is specific to CAR 5.0.0.1 and it is not relevant for previous releases of CAR.


Note CAR 5.0 can be used with Solaris 10 (UFS file system), or the Red Hat Enterprise Linux 5.3/5.4/5.5 32-bit/64-bit operating system using kernel 2.6.18-128.el5 or later, and Glibc version: glibc-2.5-34 or later.


This chapter contains the following sections:

Installing the Cisco Access Registrar 5.0 License File

Installing Cisco Access Registrar 5.0 Software on Solaris

Installing Cisco Access Registrar 5.0 Software on Linux

Installing the Cisco Access Registrar 5.0 License File

You must have a license file in a directory on the Cisco AR machine before you attempt to install Cisco AR software. After purchasing Cisco AR, you will receive a license file in an e-mail attachment. Save or copy this license file to a directory on the Cisco AR workstation. If you have not installed the Cisco AR license file before beginning the software installation, the installation process will fail.

You can store the Cisco AR license file in any directory on the Cisco AR machine. During the installation process, you will be asked the location of the license file, and the installation process will copy the license file to the /opt/CSCOar/license directory or to the base installation directory you specify when you install the software if you are not using the default installation location.

The license file might have the name ciscoar.lic, but it can be any filename with the suffix .lic. To install the Cisco AR license file, you can copy and paste the text into a file, or you can simply save the file you receive in e-mail to an accessible directory.


Note Cisco AR 5.0 or 4.2 evaluation license can be generated using your Cisco.com account in the Product License Registration tool http://www.cisco.com/web/go/license/index.html. The evaluation license is valid only for 90 days. The generated Cisco AR license works for both Solaris and Linux server.


Installing Cisco Access Registrar 5.0 Software on Solaris

This section describes the software installation process when installing Cisco AR software on a Solaris workstation for the first time.

This section includes the following subsections:

Deciding Where to Install

Installing Cisco Access Registrar Software from CD-ROM

Installing Downloaded Software

Common Solaris Installation Steps

Installing Cisco Access Registrar on LDoms


Tips Before you begin to install the software, check your workstation's /etc/group file and make sure that group staff exists. The software installation will fail if group staff does not exist before you begin.


Deciding Where to Install

Before you begin the software installation, you should decide where you want to install the new software. The default installation directory for CAR 5.0 software is /opt/CSCOar. You can use the default installation directory, or you can choose to install the Cisco AR software in a different directory.

Installing Cisco Access Registrar Software from CD-ROM

The following steps describe how to begin the software installation process when installing software from the CAR 5.0 CD-ROM. If you are installing downloaded software, proceed to "Installing Downloaded Software" section.


Step 1 Place the Cisco AR software CD-ROM in the Cisco AR workstation CD-ROM drive.

Step 2 Log in to the Cisco AR workstation as a root user, and enter the following command line:

For Solaris 10:

pkgadd -d /cdrom/cdrom0/kit/solaris-2.10  CSCOar

Step 3 Proceed to "Common Solaris Installation Steps" section.


Installing Downloaded Software

This section describes how to uncompress and extract downloaded Cisco AR software and begin the software installation.


Step 1 Log in to the Cisco AR workstation as a root user.

Step 2 Change directory to the location where you have stored the uncompressed tarfile.

cd /tmp

Step 3 Use the following command line to uncompress the tarfile and extract the installation package files.

zcat   CSCOar-5.0-sol10-K9.tar.gz | tar xvf -

Step 4 Enter the following command to begin the installation:

pkgadd -d /tmp CSCOar

where /tmp is the temporary directory where you stored and uncompressed the installation files.

Step 5 Proceed to "Common Solaris Installation Steps" section.


Common Solaris Installation Steps

This section describes the installation process immediately after you have issued the pkgadd command installing from CD-ROM or from downloaded software.

Processing package instance <CSCOar> from </tmp>

Cisco Access Registrar 5.0 [SunOS-5.10, official]
(sparc) 5.0
Copyright (C) 1998-2008 by Cisco Systems, Inc.
This program contains proprietary and confidential information.  
All rights reserved except as may be permitted by prior written consent.

    This package contains the Access Registrar Server and the
    Access Registrar Configuration Utility.  You can choose to
    perform either a Full installation or just install the
    Configuration Utility.

What type of installation: Full, Config only [Full] [?,q] 

You will encounter the following error, if you fail to install the Solaris 10 compatible SCTP library which is a prerequisite for CAR 5.0.0.1 installation:

The following library required for proper operation of Access
    Registrar is missing:
 
       /usr/lib/libsctp.so => SCTP library
 
    Please install a Solaris 10 compatible SCTP library
         prior to installing Access Registrar.

Step 6 For a full install, press Enter.

Where do you want to install <CSCOar>? [/opt/CSCOar] [?,q] 

Step 7 Press Enter to accept the default location of /opt/CSCOar, or enter a different directory to be used as the base installation directory.

Access Registrar requires FLEXlm license file to operate.  A list
of space delimited license files or directories can be supplied as
input; license files must have the extension ".lic".

Where are the FLEXlm license files located? [] [?,q]

Step 8 Enter the directory where you have stored the CAR 5.0 license file.

Access Registrar provides a  Web GUI. It requires J2RE version
1.5.* to be installed on the server.

If you already have a compatible version J2RE installed, please
enter the directory where it is installed.  If you do not, the
compatible J2RE version can be downloaded from:

http://java.sun.com/

Where is the J2RE installed?  [?,q] /nfs/insbu-cnstools/java

The J2RE is required to use the Cisco AR GUI. If you already have a Java 2 platform installed, enter the directory where it is installed.


Note If you do not provide the JRE path, or if the path is empty or unsupported, the installation process exits. CAR 5.0 installation requires JRE 1.5.x version only. CAR 5.0.0.1 and above requires either JRE 1.5.x or JRE 1.6.x version.


Step 9 Enter the directory or mount point where the J2RE is installed.

If you are not using ORACLE, press Enter/Return to skip this step.
ORACLE installation directory is required for ODBC configuration.
ORACLE_HOME variable will be set in /etc/init.d/arserver script

Where is ORACLE installed? [] [?,q] 

Note Install the Oracle 10g client for Solaris using 10gr2_client_sol.cpio.gz and instantclient-basic-solaris32-10.1.0.5-20060502.zip


Step 10 If you plan to use Oracle accounting, enter the location where you have installed Oracle; otherwise press Enter.

If you want to learn about Access Registrar by following the
examples in the Installation and Configuration Guide, you need to
populate the database with the example configuration.

Do you want to install the example configuration now [n] [y,n,?,q] 

Step 11 When prompted whether to install the example configuration now, enter Y or N to continue.

You can add the example configuration at any time by
running the command:

    /opt/CSCOar/bin/aregcmd -f /opt/CSCOar/examples/cli/add-example-configuration.rc


Note You can delete the example configuration at any time by running the command /opt/CSCOar/usrbin/aregcmd -f /opt/CSCOar/examples/cli/delete-example-configuration.rc.


## Executing checkinstall script.

The selected base directory </opt/CSCOar> must exist before
installation is attempted.

Do you want this directory created now [y,n,?,q] y

Step 12 Enter Y to enable the installation process to create the /opt/CSCOar directory.

Using </opt/CSCOar> as the package base directory.
## Processing package information.
## Processing system information.
## Verifying package dependencies.
## Verifying disk space requirements.
## Checking for conflicts with packages already installed.
## Checking for setuid/setgid programs.

The following files are being installed with setuid and/or setgid
permissions:
  /opt/CSCOar/.system/screen <setuid root>
 /opt/CSCOar/bin/aregcmd <setgid staff>
 /opt/CSCOar/bin/radclient <setgid staff>

Do you want to install these as setuid/setgid files [y,n,?,q]

Step 13 Enter Y to install the setuid/setgid files.

This package contains scripts which will be executed with super-user
permission during the process of installing this package.

Do you want to continue with the installation of <CSCOar> [y,n,?]

Step 14 Enter Y to continue with the software installation.

No further interaction is required; the installation process should complete successfully and the arservagt is automatically started.

Installing Cisco Access Registrar 5.0 [SunOS-5.10, official] as <CSCOar>

## Installing part 1 of 1.
/opt/CSCOar/.system/add-example-config
/opt/CSCOar/.system/run-ar-scripts
/opt/CSCOar/.system/screen
/opt/CSCOar/README
/opt/CSCOar/bin/arbug
/opt/CSCOar/bin/nasmonitor
/opt/CSCOar/bin/share-access
.
.
.
setting up the web server...........
# configuring the web server...........
# setting up product configuration file /opt/CSCOar/conf/car.conf
# linking /etc/init.d/arserver to /etc/rc.d files
# setting ORACLE_HOME and JAVA_HOME variables in arserver
# flushing old replication archive
# creating initial configuration database
Rollforward recovery using "/opt/CSCOar/data/db/vista.tjf" started Sat Apr 10 07:52:26 
2010
Rollforward recovery using "/opt/CSCOar/data/db/vista.tjf" finished Sat Apr 10 07:52:26 
2010


# installing example configuration
# removing old session information
# extracting the web application...........
We will now generate an RSA key-pair and self-signed certificate that
may be used for test purposes
Generating a 1536 bit RSA private key
.......++++
................................................++++
writing new private key to '/cisco-ar/certs/tomcat/server-key.pem'
-----
Server self-signed certificate now resides in /cisco-ar/certs/tomcat/server-cert.pem
Server private RSA key now resides in /cisco-ar/certs/tomcat/server-key.pem

Remember to install additional CA certificates for client verification
Tomcat private RSA key now resides in /cisco-ar/certs/tomcat/server-key.pem
Starting Access Registrar Server Agent......completed.
The Radius server is now running.
# done with postinstall.

Installation of <CSCOar> was successful

hostname root /tmp##

Configuring SNMP

If you choose not to use the SNMP features of Cisco AR, the installation process is completed. To use SNMP features, complete the configuration procedure described in "Configuring SNMP" section on page 4-15.

RPC Bind Services

The Cisco AR server and the aregcmd CLI requires RPC services to be running before the server is started. If the RPC services are stopped, you must restart RPC services, then restart the Cisco AR server. Use the following commands to restart RPC services:

/opt/CSCOar/bin/arserver stop

/etc/init.d/rpc start

/opt/CSCOar/bin/arserver start

If RPC services are not running, the following message is displayed when you attempt to start aregcmd:

Login to aregcmd fails with the message:
400 Login failed

Installing Cisco Access Registrar on LDoms

Server virtualization is partitioning of network servers into several independent execution environments. Server virtualization allows a data center to be viewed and managed as a set of compute resources rather than a room of individual systems.

Server virtualization feature in Cisco AR will enable maximum resource utilization with dynamic resource allocation between LDoms.


Note To know about configuration of Cisco AR on LDoms, see White Paper under Cisco AR Collateral in http://wwwin-nmbu.cisco.com/fieldportal/products/car/summary.cfm?Prod=car&tsession.


Installing Cisco Access Registrar 5.0 Software on Linux

This section describes the software installation process when installing Cisco AR software on a Linux workstation for the first time. This section includes the following subsections:

Deciding Where to Install

Installing Cisco Access Registrar Software from CD-ROM

Common Linux Installation Steps


Tips Before you begin to install the software, check your workstation's /etc/group file and make sure that group staff exists. The software installation will fail if group staff does not exist before you begin.


Deciding Where to Install

Before you begin the software installation, you should decide where you want to install the new software. The default installation directory for CAR 5.0 software is /opt/CSCOar. You can use the default installation directory, or you can choose to install the Cisco AR software in a different directory.

Installing Cisco Access Registrar Software from CD-ROM

The following steps describe how to begin the software installation process when installing software from the CAR 5.0 CD-ROM. If you are installing downloaded software, proceed to "Installing Downloaded Software" section.


Step 1 Place the CAR 5.0 software CD-ROM in the Cisco AR workstation CD-ROM drive.

Step 2 Log in to the Cisco AR workstation as a root user and find a temporary directory, such as /tmp, to store the Linux installation file.


Note The temporary directory requires at least 70 MB of free space.


Step 3 Change directory to the CD-ROM.

cd /cdrom/cdrom0/kit/linux-2.6

Step 4 Copy the CSCOar-5.0-lnx26-install-K9.sh file to the temporary directory.

cp CSCOar-5.0-lnx26-install-K9.sh /tmp

Step 5 Change the permissions of the CSCOar-5.0-lnx26-install-K9.sh file to make it executable.

chmod 777 CSCOar-5.0-lnx26-install-K9.sh

Step 6 Run the below command to set SELinux to permissive mode:

setenforce 0


Note The above command will set SELinux to permissive mode temporarily until you reboot the system. To start the system in permissive mode permanently, edit /etc/selinux/config and change SELINUX=enforcing to SELINUX=permissive and reboot the system.


To continue the installation, proceed to "Common Linux Installation Steps" section.


Common Linux Installation Steps

This section describes how to install the downloaded Cisco AR software for Linux and begin the software installation.


Note The Cisco AR Linux installation automatically installs aregcmd and radclient as setgid programs in group adm.



Step 1 Log in to the Cisco AR workstation as a root user.

Step 2 Change directory to the location where you have stored the CSCOar-5.0-lnx26-install-K9.sh file.

cd /tmp

Step 3 Enter the name of the script file to begin the installation:

./CSCOar-5.0-lnx26-install-K9.sh

Name        : CSCOar                       Relocations: /opt/CSCOar 
Version     : 5.0                          Vendor: Cisco Systems, Inc.
Release     : 1140764415                    Build Date: Mon Nov 03 23:55:51 2008
Install date: (not installed)               Build Host: spencer.cnslab.cisco.com
Summary     : Access Registrar, a carrier-class RADIUS server
build_tag: [Linux-2.6.20, official]

Copyright (C) 1998-2008 by Cisco Systems, Inc.
This program contains proprietary and confidential information.  
All rights reserved except as may be permitted by prior written consent.

    This package contains the Access Registrar Server and the Access
    Registrar Configuration Utility.  All the Client, Server, and
    Configuration utilities will be installed.

Where do you want to install <CSCOar>? [/opt/CSCOar] [?,q] 

You will encounter the following error, if you fail to install the RedHat Enterprise Linux 5.x compatible SCTP library which is a prerequisite for CAR 5.0.0.1 installation:

The following library required for proper operation of Access
    Registrar is missing:
 
       /usr/lib/libsctp.so => SCTP library
 
    Please install a RedHat Enterprise Linux 5.x compatible SCTP library
         prior to installing Access Registrar.

Step 4 Press Enter to accept the default location of /opt/CSCOar, or enter a different directory to be used as the base installation directory.

Access Registrar requires FLEXlm license file to operate.  A list
    of space delimited license files or directories can be supplied as
    input; license files must have the extension ".lic".

Where are the FLEXlm license files located? [] [?,q]

Step 5 Enter the directory where you have stored the Cisco AR license file.

Access Registrar provides a Web GUI. It requires J2RE version 1.5.*
to be installed on the server.

If you already have a compatible version of J2RE installed, please
enter the directory where it is installed.  If you do not, the
compatible J2RE version can be downloaded from:

        http://java.sun.com/

Where is the J2RE installed? [] [?,q]

The J2RE is required to use the CAR 5.0 GUI. If you already have a Java 2 platform installed, enter the directory where it is installed.


Note If you do not provide the JRE path, or if the path is empty or unsupported, the installation process exits. CAR 5.0 installation requires JRE 1.5.x version only. CAR 5.0.0.1 and above requires either JRE 1.5.x or JRE 1.6.x version.


If you are not using ORACLE, press Enter/Return to skip this step.
ORACLE installation directory is required for ODBC configuration.
ORACLE_HOME variable will be set in /etc/init.d/arserver script

Where is ORACLE installed? [] [?,q] 

Note Install the Oracle 10g client for Linux using 10201_client_linux32.zip and instantclient-basic-linux32-10.1.0.5-20060511.zip


Step 6 Enter the location where you have installed Oracle, otherwise press Enter.

If you want to learn about Access Registrar by following the examples
in the Installation and Configuration Guide, you need to populate
the database with the example configuration.

Do you want to install the example configuration now? [n]: [y,n,?,q] y

Step 7 When prompted whether to install the example configuration now, enter Y or N to continue.


Note You can delete the example configuration at any time by running the command /opt/CSCOar/usrbin/aregcmd -f /opt/CSCOar/examples/cli/delete-example-configuration.rc.


unpack the rpm file done
Preparing...                ########################################### [100%]
   1:CSCOarui-add           ########################################### [100%]
# setting up the web server...........
# configuring the web server...........
# extracting the web application...........
Preparing...                ########################################### [100%]
   1:CSCOar                 ########################################### [100%]
relink arserver
JAVA ROOT /opt/jdk1.5.0_17
JAVA_HOME /opt/jdk1.5.0_17
# setting ORACLE_HOME and JAVA_HOME variables in arserver
ORACLE_HOME
JAVA_HOME /opt/jdk1.5.0_17
set JAVA_HOME
# flushing old replication archive
# creating initial configuration database
Rollforward recovery using "/opt/CSCOar/data/db/vista.tjf" started Wed Jun  9 17:09:07 
2010
Rollforward recovery using "/opt/CSCOar/data/db/vista.tjf" finished Wed Jun  9 17:09:07 
2010
# add-example-config y
ln: creating symbolic link `/opt/CSCOar/lib/libsctp.so.1' to `/opt/CSCOar/lib/libsctp.so': 
File exists
calling gen-tomcat
We will now generate an RSA key-pair and self-signed certificate that
may be used for test purposes
Generating a 1536 bit RSA private key
.++++
..............................++++
writing new private key to '/cisco-ar/certs/tomcat/server-key.pem'
-----
Server self-signed certificate now resides in /cisco-ar/certs/tomcat/server-cert.pem
Server private RSA key now resides in /cisco-ar/certs/tomcat/server-key.pem
Remember to install additional CA certificates for client verification
Tomcat private RSA key now resides in /cisco-ar/certs/tomcat/server-key.pem
Starting Access Registrar Server Agent...completed.
The Radius server is now running
 
hostname root /tmp### 

Note After the installation process, run the command service iptables stop to disable the iptables firewall.




Note If Cisco AR server restarts and the Radius process is not started on installation of Cisco AR 5.0 in RHEL 5.3/5.4/5.5, you must create a softlink to libsctp.so file. See Creating a Softlink to libsctp.so for more details.


Creating a Softlink to libsctp.so

Complete the following steps to create a softlink to libsctp.so file.


Step 1 Change the directory to /cisco-ar/lib

cd /cisco-ar/lib

Step 2 Create a soft link to libsctp.so file.

ln -s libsctp.so libsctp.so.1

Step 3 Restart the Cisco AR server using the following command:

/cisco-ar/bin/arserver restart


Configuring SNMP

If you choose not to use the SNMP features of Cisco AR, the installation process is completed. To use SNMP features, complete the configuration procedure described in "Configuring SNMP" section on page 4-15.