Installing and Configuring Cisco Access Registrar 5.0
Chapter 1 Overview
Downloads: This chapterpdf (PDF - 156.0KB) The complete bookPDF (PDF - 1.95MB) | Feedback

Overview

Table Of Contents

Overview

Installation Dialog Overview

Installation Type

Installation Location

License File Location

Java Runtime Environment

Open Database Connectivity

Example Configuration

Base Directory

setuid and setgid Permissions

Continue with Installation

Downloading Cisco Access Registrar Software

Cisco Access Registrar 5.0 Licensing

License Slabs

Upgrade Path

Getting Cisco Access Registrar 5.0 License

Installing Cisco Access Registrar 5.0 Licenses

Adding Additional Cisco Access Registrar 5.0 Licenses

Sample License File

Displaying License Information

aregcmd Command-Line Option

Launching aregcmd


Overview


This chapter provides an overview of the software installation process. You can install the CAR 5.0 software on a machine for the first time, or you can upgrade the existing Cisco AR software on a workstation to CAR 5.0.

You might receive the Cisco AR software in a packaged CD-ROM or you can download the software from the Cisco.com website. "Downloading Cisco Access Registrar Software" section provides detailed information about downloading the CAR 5.0 software.

Before you install the CAR 5.0 software, you must copy a license file to the workstation where you will install the software. You will receive the license file as an e-mail attachment. "Cisco Access Registrar 5.0 Licensing" section provides detailed information about the new licensing mechanism in Cisco AR.


Note Before you begin the software installation, ensure that your server has recommended patches. For patch details refer the note in Installing Cisco Access Registrar 5.0. A dedicated server should be allocated for AR installation and it is recommended to run AR as a standalone application, installing any other application(s) in the same server is not supported.


Installation Dialog Overview

You use the pkgadd command to install CAR 5.0 software on Solaris 10 workstations. The Linux version of CAR 5.0 uses the RedHat Package Manager (RPM) and installs as a script. When you begin the software installation, the installation process uses a dialog to determine how to install the software.


Note CAR 5.0 can be used with Solaris 10 (UFS file system), or Red Hat Enterprise Linux 5.3/5.4/5.5 3264-bit/64-bit operating system using kernel 2.6.18-128.el5 or later, and Glibc version: glibc-2.5-34 or later.


Installation Type

The first question for you to consider is the type of installation to perform. Your choices are full or configuration only. The default and most common installation type is a full install.

The Full installation installs all parts of the CAR 5.0 software including the server components, the example configuration, and the configuration utility, aregcmd.

The Config only installation only installs the example configuration and the configuration utility, aregcmd. You can use one instance of aregcmd to maintain other servers running the server software.

Installation Location

The next question in the installation dialog asks, "Where do you want to install?" The default location to install the software is /opt/CSCOar. You can choose to specify another location by entering it at this point. That directory would then be the base install directory, sometimes referred to as $INSTALL or $BASEDIR.

License File Location

The installation dialog asks for the location of the license file.

Access Registrar requires FLEXlm license file to operate. A list
of space delimited license files or directories can be supplied as
input; license files must have the extension ".lic".

Where are the FLEXlm license files located? [] [?,q]

Cisco AR uses a licensing mechanism that requires a file to be copied from a directory on the Cisco AR workstation. Earlier versions of Cisco AR used a license key. You should copy the license file to the Cisco AR workstation before you begin the software installation. You can copy the license file to /tmp or another directory you might prefer. The installation process will copy the license file from the location you provide to /opt/CSCOar/license.

See "Cisco Access Registrar 5.0 Licensing" section for more detailed information about the Cisco AR license file requirements.

Java Runtime Environment

The installation dialog asks for the location of the Java Runtime Environment (JRE). Cisco AR provides a web-based GUI that requires JRE version 1.5.x/1.6.x to be installed on the Cisco AR server.

Where is the J2RE installed?

If you already have a Java 5 platform installed, enter the directory where it is installed. If you need the JRE, you can download it from:

http://java.sun.com


Note JRE 1.6 support will be available from patch AR 5.0.0.1 release.


Open Database Connectivity

The installation dialog asks for the location of the Oracle installation directory, required for Open Database Connectivity (ODBC) configuration. The installation process uses this information to set the ORACLE_HOME variable in the /opt/CSCOar/bin/arserver script.

If you are not using ODBC, press Enter to skip this step.


Note Oracle 8i client and 8g server are no longer supported in Cisco AR 5.0. However, Oracle 9i and 10g client and Oracle 9i, 10g, and 11g servers are supported in AR 5.0.


Example Configuration

The installation dialog asks if you want to install the example configuration. You can use the example configuration to learn about Cisco AR and to refer to the examples that appear later in this document.

You can delete the example configuration at any time by running the command:

/opt/CSCOar/bin/aregcmd -f /opt/CSCOar/examples/cli/delete-example-configuration.rc

Base Directory

The installation process asks "where do you want to install [/opt/CSCOar]?"

If the base directory does not exist, the installation process asks if you want to create the selected base directory.

The selected base directory </opt/CSCOar> must exist before
installation is attempted.

Do you want this directory created now [y,n,?,q]

The base directory must be created before you can install the software. If you do not agree to create the base directory at this point, the installation process terminates and no changes are made to the system. The default base directory is /opt/CSCOar.

setuid and setgid Permissions

The installation process asks before installing the following files with setuid and setgid permissions:

/opt/CSCOar/.system/screen <setuid root>

/opt/CSCOar/bin/aregcmd <setgid staff>

/opt/CSCOar/bin/radclient <setgid staff>

If you do not agree to install these files, the installation will continue, but you will only be able to run aregcmd as user root. Cisco recommends that you answer Yes to this question.

Continue with Installation

The final question asked by the installation process dialog is, "Do you want to continue with the installation of <CSCOar>?" Enter Y or yes to continue with the installation. No further user input is required.

Downloading Cisco Access Registrar Software

Cisco AR software is available for download from http://www.cisco.com at the following URL:

http://www.cisco.com/cgi-bin/tablebuild.pl/access-registrar-encrypted?sort=release

The page at this URL lists all available versions of Cisco AR software available for download. The current versions are:

CSCOar-5.0-sol10-K9.tar.gz for Solaris 10

CSCOar-5.0-lnx26-install-K9.sh for RedHat Enterprise Linux (RHEL) 5.3/5.4/5.5

Complete the following steps to download the software.


Step 1 Create a temporary directory, such as /tmp, to hold the downloaded software package.

Step 2 Enter the URL to the Cisco.com website for Cisco AR software:

http://www.cisco.com/cgi-bin/tablebuild.pl/access-registrar-encrypted?sort=release

Step 3 Click on the link for Cisco AR software:

CSCOar-5.0-sol10-K9.tar.gz for the Solaris 10 version, or
CSCOar-5.0-lnx26-install-K9.sh for the RedHat Enterprise Linux version.

The Software Center Download Rules page appears. You should read these rules carefully.


Warning Before downloading this software please ensure that each of the following licenses and agreements are in place with Cisco Systems or a Cisco Systems authorized reseller.


These rules require you to acknowledge the following:

A software license

A valid service agreement

By clicking Agree, you confirm that the download of this file by you is in accordance with the requirements listed and that you understand and agree that Cisco Systems reserves the right to charge you for, and you agree to pay for, any software downloads to which you are not entitled. All Cisco Systems Operating System and application software licenses and downloads are governed by Cisco Systems' applicable End User License Agreement/Software License Agreement. By clicking Agree you further agree to abide by the terms and conditions set forth in Cisco Systems' End User License agreement/Software License Agreement and your service agreement.

If you click Agree, the End User License Agreement / Software License Agreement displays.

Step 4 Read the End User License Agreement / Software License Agreement carefully, and if you accept the terms, click Accept.

The software Download page appears. In few seconds, a File Download dialog box appears. If it does not appear, click the link provided in the page.

Step 5 Click Save and indicate where to save the file on your computer, such as /tmp, then click Save again.


Cisco Access Registrar 5.0 Licensing

CAR 5.0 uses a new licensing mechanism that enables you to activate all features in Cisco AR. During system initialization, the Cisco AR server sets up the licensing data model and activates all features.

In Cisco AR 5.0, licensing is based on Transactions Per Second (TPS). Every license will cover all features, but with restrictions enforced on the TPS. TPS is calculated based on the number of packets flowing into Cisco AR irrespective of the feature.

Cisco AR can be deployed in a two-tier architecture—front-end and back-end server. The front-end server performs AAA functions and it needs the base license and the TPS license. The back-end server performs session management functions and it needs the secondary license.

Cisco AR can be deployed in an active/stand-by server combination (with Sun or VERITAS clustering solution). The active server performs all the functionality and it needs the base license and the TPS license. Only if the active server goes down, Sun /VERITAS cluster will trigger the stand-by server. The stand-by server needs a secondary license.

License Slabs

Greenfield customers can purchase Cisco Access Registrar 5.0 version by purchasing the part numbers listed in Table 1 or Table 2.

Table 1 CAR 5.0 Ordering Information 

Part Number
Description

AR-5.0-BASE-K9

Access Registrar Base license for Solaris/Linux; support for RADIUS only; limited to 100 transactions per second

AR-5.0-BASE-NG-K9

Access Registrar Next Generation Base license for Solaris/Linux; support for RADIUS, Diameter, and IPv6; limited to 100 transactions per second

AR-5.0-100TPS=

Access Registrar Additional License per server; limited to 100 transactions per second

AR-5.0-200TPS=

Access Registrar Additional License per server; limited to 200 transactions per second

AR-5.0-500TPS=

Access Registrar Additional License per server; limited to 500 transactions per second

AR-5.0-1000TPS=

Access Registrar Additional License per server; limited to 1000 transactions per second

AR-5.0-2000TPS=

Access Registrar Additional License per server; limited to 2000 transactions per second

AR-5.0-3000TPS=

Access Registrar Additional License per server; limited to 3000 transactions per second

AR-5.0-5000TPS=

Access Registrar Additional License per server; limited to 5000 transactions per second

AR-5.0-SECOND-K9

Access Registrar Secondary license; required for each secondary server

AR-5.0-DIR-BASE-K9

Access Registrar Director Base license; load balancing and AAA proxy support; required for each Access Registrar Director Base server; limited to 2000 transactions per second

AR-5.0-DRN-BASE-K9

Access Registrar Director Next Generation Base license; load balancing and AAA proxy support; Includes Diameter and IPv6 support; required for each Access Registrar Director Next Generation Base server; limited to 2000 transactions per second

AR-5.0-DIR-2KTPS=

Access Registrar Director Additional license per server; limited to 2000 transactions per second


In addition, Cisco AR is also available by e-delivery; with e-delivery, the licenses are obtained electronically. The licenses need to be ordered using the part numbers in Table 2.

Table 2 CAR 5.0 E-Delivery Ordering Information 

Part Number
Description

L-AR-5.0-100TPS=

E-Delivery Access Registrar Additional License per server; limited to 100 transactions per second

L-AR-5.0-200TPS=

E-Delivery Access Registrar Additional License per server; limited to 200 transactions per second

L-AR-5.0-500TPS=

E-Delivery Access Registrar Additional License per server; limited to 500 transactions per second

L-AR-5.0-1000TPS=

E-Delivery Access Registrar Additional License per server; limited to 1000 transactions per second

L-AR-5.0-2000TPS=

E-Delivery Access Registrar Additional License per server; limited to 2000 transactions per second

L-AR-5.0-3000TPS=

E-Delivery Access Registrar Additional License per server; limited to 3000 transactions per second

L-AR-5.0-5000TPS=

E-Delivery Access Registrar Additional License per server; limited to 5000 transactions per second

L-AR-5.0-DIR2KTPS=

E-Delivery Access Registrar Director Additional license per server; limited to 2000 transactions per second

L-AR-5.0-UP100TPS=

E-Delivery Access Registrar Upgrade Additional License per server; limited to 100 transactions per second

L-AR-5.0-UP200TPS=

E-Delivery Access Registrar Upgrade Additional License per server; limited to 200 transactions per second

L-AR-5.0-UP500TPS=

E-Delivery Access Registrar Upgrade Additional License per server; limited to 500 transactions per second

L-AR-5.0-UP1KTPS=

E-Delivery Access Registrar Upgrade Additional License per server; limited to 1000 transactions per second

L-AR-5.0-UP2KTPS=

E-Delivery Access Registrar Upgrade Additional License per server; limited to 2000 transactions per second

L-AR-5.0-UP3KTPS=

E-Delivery Access Registrar Upgrade Additional License per server; limited to 3000 transactions per second

L-AR-5.0-UP5KTPS=

E-Delivery Access Registrar Upgrade Additional License per server; limited to 5000 transactions per second


Upgrade Path

Existing Cisco AR customers with versions 3.x or 4.x, with or without SAS contracts, can upgrade to Cisco Access Registrar 5.0 by purchasing the appropriate upgrade part numbers listed in Table 3.

Table 3 CAR 5.0 Upgrade Ordering Information 

Part Number
Description

AR-5.0-UPG-K9

Access Registrar Upgrade Base license for Solaris/Linux; limited to 100 transactions per second

AR-5.0-UPG-NG-K9

Access Registrar Next Generation Base Upgrade license for Solaris/Linux; support for IPv6 and Diameter; limited to 100 transactions per second

AR-5.0-UP100TPS=

Access Registrar Upgrade Additional License per server; limited to 100 transactions per second

AR-5.0-UP200TPS=

Access Registrar Upgrade Additional License per server; limited to 200 transactions per second

AR-5.0-UP500TPS=

Access Registrar Upgrade Additional License per server; limited to 500 transactions per second

AR-5.0-UP1KTPS=

Access Registrar Upgrade Additional License per server; limited to 1000 transactions per second

AR-5.0-UP2KTPS=

Access Registrar Upgrade Additional License per server; limited to 2000 transactions per second

AR-5.0-UP3KTPS=

Access Registrar Upgrade Additional License per server; limited to 3000 transactions per second

AR-5.0-UP5KTPS=

Access Registrar Upgrade Additional License per server; limited to 5000 transactions per second

AR-5.0-UPSECOND-K9

Access Registrar Upgrade Secondary license; required for each secondary server


Getting Cisco Access Registrar 5.0 License

When you order the CAR 5.0 product, a text license file will be sent to you by e-mail. If you are evaluating the software, Cisco will provide you with an evaluation license.

If you decide to upgrade your Cisco AR software, a new text license file will be sent to you by e-mail.


Note While upgrading, the licenses of previous versions cannot be used with Cisco AR 5.0. Backward compatibility support in terms of license will not be available in this version.


If you receive a Software License Claim Certificate, you can get your Cisco AR license file at one of the two following URLs:

www.cisco.com/go/license

Use this site if you are a registered user of Cisco.com.

www.cisco.com/go/license/public

Use this site if you are not a registered user of Cisco.com.

Within one hour of registration at either of the above websites, you will receive your license key file and installation instructions in e-mail.

Installing Cisco Access Registrar 5.0 Licenses

You must have a license in a directory on the Cisco AR machine before you attempt to install Cisco AR software. If you have not installed the Cisco AR license file before beginning the software installation, the installation process will fail.

You can store the Cisco AR license file in any directory on the Cisco AR machine. During the installation process, you will be asked the location of the license file, and the installation process will copy the license file to the /opt/CSCOar/license directory, or $INSTALL/license if you are not using the default installation location.

The license file might have the name ciscoar.lic, but it can be any filename with the suffix .lic. To install the Cisco AR license file, you can copy and paste the text into a file, or you can simply save the file you receive in e-mail to an accessible directory.

Adding Additional Cisco Access Registrar 5.0 Licenses

If you add additional licenses, you can open the file in /opt/CSCOar/license and add additional lines to the license file, or you can create an additional license file to hold the new lines. If you add a new file, remember to give it a .lic suffix. You must restart the Cisco AR server for the new license to take effect. To restart the Cisco AR server, enter the following on the server command line:

/opt/CSCOar/bin/arserver  restart

Sample License File

The following is an example of a CAR 5.0 license file.

INCREMENT AR-BASE-100TPS cisco 5.0 09-feb-2010 uncounted HOSTID=ANY \
NOTICE="<LicFileID></LicFileID><LicLineID>0</LicLineID> \
<PAK>dummyPak</PAK>" SIGN=ABCDEF123456
INCREMENT AR-ADD-TPS cisco 5.0 09-feb-2010 uncounted \
VENDOR_STRING=<count>1000</count> HOSTID=ANY \
NOTICE="<LicFileID></LicFileID><LicLineID>5</LicLineID> \
<PAK>dummyPak</PAK>" SIGN=ABCDEF123456

Displaying License Information

Cisco AR provides two ways of getting license information using aregcmd:

aregcmd command-line option

Launching aregcmd

aregcmd Command-Line Option

Cisco AR provides a new -l command-line option to aregcmd. The syntax is:

aregcmd -l directory_name

where directory_name is the directory where the Cisco AR license file is stored. The following is an example of the aregcmd -l command:

aregcmd -l /opt/CSCOar/license    
Licensed Application: Cisco Access Registrar (Standard Version)

 Following are the licensed components:

                          NAME     VERSION          EXPIRY_INFO       COUNT
                          ====     =======          ===========       =====
                AR-Base-100TPS         5.0          30-Nov-2009         100
                    AR-ADD-TPS         5.0          30-Nov-2009         100

Launching aregcmd

The Cisco AR server displays license information when you launch aregcmd, as shown in the following:

aregcmd

Cisco Access Registrar 5.0 Configuration Utility
Copyright (C) 1995-2008 by Cisco Systems, Inc. All rights reserved.
Logging in to localhost

[ //localhost ]
LicenseInfo = AR-Base-100TPS 5.0 (expires on 30-Nov-2009)
              AR-ADD-TPS 5.0 (expires on 30-Nov-2009)
Radius/
Administrators/

Server 'Radius' is Running, its health is 10 out of 10