Installing and Configuring Cisco Prime Access Registrar 6.0
Chapter 1 Overview
Downloads: This chapterpdf (PDF - 182.0KB) The complete bookPDF (PDF - 902.0KB) | Feedback

Overview

Table Of Contents

Overview

About Cisco Prime Access Registrar

Prerequisites

System Requirements

Installation Dialog Overview

Installation Type

Installation Location

License File Location

Java Runtime Environment

Open Database Connectivity

Example Configuration

Base Directory

setuid and setgid Permissions

Continue with Installation

Downloading Cisco Prime Access Registrar Software

Cisco Prime Access Registrar 6.0 Licensing

License Slabs

Upgrade Path

Getting a Cisco Prime Access Registrar 6.0 License

Installing Cisco Prime Access Registrar 6.0 Licenses

Adding Additional Cisco Prime Access Registrar 6.0 Licenses

Sample License File

Displaying License Information

aregcmd Command-Line Option

Launching aregcmd


Overview


This chapter provides an overview of the software installation process. You can install the Cisco Prime AR 6.0 software on a machine for the first time, or you can upgrade the existing Cisco Prime AR software to Cisco Prime AR 6.0.

Cisco Prime AR software is available in a packaged DVD-ROM or can be download from the Cisco.com website. "Downloading Cisco Prime Access Registrar Software" section provides detailed information about downloading the Cisco Prime AR 6.0 software.

Before you install the Cisco Prime AR 6.0 software, you must copy a license file to the location where you will install the software. You will receive the license file as an e-mail attachment. "Cisco Prime Access Registrar 6.0 Licensing" section provides detailed information about the new licensing mechanism in Cisco Prime AR.


Note Before you begin the software installation, ensure that your server has the recommended patches. For patch details refer Installing Cisco Prime Access Registrar 6.0. A dedicated server should be allocated for Cisco Prime AR installation and it is recommended to run Cisco Prime AR as a standalone application. Installing any other application(s) in the same server is not supported.


This chapter contains the following sections:

About Cisco Prime Access Registrar

Installation Dialog Overview

Downloading Cisco Prime Access Registrar Software

Cisco Prime Access Registrar 6.0 Licensing

About Cisco Prime Access Registrar

Cisco Prime AR is a RADIUS (Remote Authentication Dial-In User Service) server that enables multiple dial-in Network Access Server (NAS) devices to share a common authentication, authorization, and accounting database.

Prerequisites

Before you install Cisco Prime AR, ensure that:

You have the recommended hardware and software requirements.

You have a valid Cisco Prime AR license.

You have installed 32-bit Java 1.5 or 1.6.

Oracle 10g or 11g client is installed, if you are using Oracle.

You have the following 32-bit rpm files while installing the Cisco Prime AR without SIGTRAN_M3UA process in RHEL6.2:

nss-softokn-freebl-3.12.9-11.el6.i686.rpm

glibc-2.12-1.47.el6.i686.rpm

ncurses-libs-5.7-3.20090208.el6.i686.rpm

ncurses-devel-5.7-3.20090208.el6.i686.rpm

ncurses-5.7-3.20090208.el6.i686.rpm

nspr-4.8.8-3.el6.i686.rpm

nss-util-3.12.10-2.el6.i686.rpm

You have the following 32-bit rpm files while installing the Cisco Prime AR with SIGTRAN_M3UA process in RHEL6.2:

nss-softokn-freebl-3.12.9-11.el6.i686.rpm

glibc-2.12-1.47.el6.i686.rpm

ncurses-libs-5.7-3.20090208.el6.i686.rpm

ncurses-devel-5.7-3.20090208.el6.i686.rpm

ncurses-5.7-3.20090208.el6.i686.rpm

nspr-4.8.8-3.el6.i686.rpm

nss-util-3.12.10-2.el6.i686.rpm

gamin-0.1.10-9.el6.i686.rpm

libselinux-2.0.94-5.2.el6.i686.rpm

glib2-2.22.5-6.el6.i686.rpm

zlib-1.2.3-27.el6.i686.rpm

libxml2-2.7.6-4.el6.i686.rpm

gdome2-0.8.1-1.i386.rpm

glib-1.2.10-33.el6.i686.rpm

libgcc-4.4.6-3.el6.i686.rpm

libstdc++-4.4.6-3.el6.i686.rpm


Note You must install the 32-bit rpm verions relevant to the RHEL OS versions while installing Cisco Prime AR.


Before enabling the SIGTRAN-M3UA remote server, ensure the following:

LKSCTP is not available in the Cisco Prime AR server.

You restart the Cisco Prime AR server whenever you make any SIGTRAN-M3UA configuration changes.

System Requirements

This section describes the system requirements to install and use the Cisco Prime AR software.

Table 1 lists the system requirements for Cisco Prime AR 6.0.

Table 1 Minimum Hardware and Software Requirements for Cisco Prime AR Server 

Component
Operating System
Solaris
Linux

OS version

Solaris 10

RHEL 5.3/5.4/5.5/6.0/6.1/6.2

Model

SPARC Enterprise T5220

X86

CPU type

UltraSPARC-T2 (SPARC V9)

Intel Xeon CPU 3.40 GHz

CPU Number

8 cores (8 threads each)

4

CPU speed

1165 MHz

3.40 GHz

Memory (RAM)

8 GB

8 GB

Swap space

10 GB

10 GB

Disk space

50 GB

50 GB


Installation Dialog Overview

You use the pkgadd command to install Cisco Prime AR 6.0 software on Solaris 10 servers. The Linux version of Cisco Prime AR 6.0 uses the RedHat Package Manager (RPM) and installs as a script. When you begin the software installation, the installation process uses a dialog to determine how to install the software.

Installation Type

Before you begin the installation, you need to first decide the type of installation to be performed. Your choices are Full or Config only. The default and most common installation type is Full.

The Full installation type installs all parts of the Cisco Prime AR 6.0 software including the server components, the example configuration, and the configuration utility, aregcmd.

The Config only installation type only installs the example configuration and the configuration utility, aregcmd. You can use one instance of aregcmd to maintain other servers running the server software.

Installation Location

The next question in the installation dialog asks, "Where do you want to install?" The default location to install the software is /opt/CSCOar. You can choose to specify another location by entering it at this point. That directory would then be the base install directory, sometimes referred to as $INSTALL or $BASEDIR.

License File Location

The installation dialog asks for the location of the license file.

Cisco Prime Access Registrar requires FLEXlm license file to
operate. A list of space delimited license files or directories
can be supplied as input; license files must have the extension
".lic".
 
   
Where are the FLEXlm license files located? [] [?,q]
 
   

Cisco Prime AR uses a licensing mechanism that requires a file to be copied from a directory on the Cisco Prime AR workstation. Earlier versions of Cisco Prime AR used a license key. You should copy the license file to the Cisco Prime AR workstation before you begin the software installation. You can copy the license file to /tmp or another directory you might prefer. The installation process will copy the license file from the install location that you have provided, for example /opt/CSCOar/license.

See "Cisco Prime Access Registrar 6.0 Licensing" section for more detailed information about the Cisco Prime AR license file requirements.

Java Runtime Environment

The installation dialog asks for the location of the Java Runtime Environment (JRE). Cisco Prime AR provides a web-based GUI that requires JRE version 1.5.x/1.6.x to be installed on the Cisco Prime AR server.

Where is the J2RE installed?
 
   

If you already have a Java 5 or 6 platform installed, enter the directory where it is installed. If you need the JRE, you can download it from:

http://java.sun.com

Open Database Connectivity

The installation dialog asks for the location of the Oracle installation directory, required for Open Database Connectivity (ODBC) configuration. The installation process uses this information to set the ORACLE_HOME variable in the /opt/CSCOar/bin/arserver script.

If you are not using ODBC, press Enter to skip this step.


Note Oracle 9i,10g, and 11i clients and Oracle 9i, 10g, and 11g servers are supported in Cisco Prime AR 6.0.


Example Configuration

The installation dialog asks if you want to install the example configuration. You can use the example configuration to learn about Cisco Prime AR and to understand the Cisco Prime AR configuration.

You can delete the example configuration at any time by running the command:

/opt/CSCOar/bin/aregcmd -f /opt/CSCOar/examples/cli/delete-example-configuration.rc

Base Directory

On initiating the installation process, a message stating whether you want to install the Cisco Prime AR in the /opt/CSCOar base directory is displayed. You need to select the required option to proceed further.

If the base directory does not exist, a message stating whether you want to create the selected base directory is displayed. You need to select the required option to proceed installation.

The selected base directory </opt/CSCOar> must exist before
installation is attempted.
 
   
Do you want this directory created now [y,n,?,q]
 
   

The base directory must be created before you can install the software. If you do not agree to create the base directory at this point, the installation process terminates and no changes are made to the system. The default base directory is /opt/CSCOar.

setuid and setgid Permissions

During installation, the installation process prompts you to install the following files with setuid and setgid permissions:

/opt/CSCOar/.system/screen <setuid root>

/opt/CSCOar/bin/aregcmd <setgid staff>

/opt/CSCOar/bin/radclient <setgid staff>

If you do not agree to install these files, the installation will continue, but you will only be able to run aregcmd as user root. We recommend that you answer Yes to this question.


Note The aregcmd and radclient have the setuid/setgid bit set. This is Solaris's way of assigning the owner's (root's) privileges to other users (non-root).


Continue with Installation

Before executing the library files and other packages, a confirmation message stating that "Do you want to continue with the installation of <CSCOar>?" is displayed. Enter Y or yes to continue with the installation. No further user input is required.

Downloading Cisco Prime Access Registrar Software

Cisco Prime AR software is available for download at:

http://www.cisco.com/cgi-bin/tablebuild.pl/access-registrar-encrypted?sort=release

All versions of Cisco Prime AR software available for download are listed. The current versions are:

CSCOar-6.0.0.0-sol10-K9.tar.gz for Solaris 10

CSCOar-6.0.0.0-lnx26-install-K9.sh for RedHat Enterprise Linux (RHEL) 5.3/5.4/5.5/6.0/6.1/6.2

Complete the following steps to download the software.


Step 1 Create a temporary directory, similar to /tmp, to hold the downloaded software package.

Step 2 Enter the URL to the Cisco.com website for Cisco Prime AR software:

http://www.cisco.com/cgi-bin/tablebuild.pl/access-registrar-encrypted?sort=release

Step 3 Click on the link for Cisco Prime AR software:

CSCOar-6.0.0.0-sol10-K9.tar.gz for the Solaris 10 version, or
CSCOar-6.0.0.0-lnx26-install-K9.sh for the RedHat Enterprise Linux version.

The Software Center Download Rules page appears. You should read these rules carefully.


Warning Before downloading this software please ensure that each of the following licenses and agreements are in place with Cisco Systems or a Cisco Systems authorized reseller.

These rules require you to acknowledge the following:

A software license

A valid service agreement

By clicking Agree, you confirm that the download of this file by you is in accordance with the requirements listed and that you understand and agree that Cisco Systems reserves the right to charge you for, and you agree to pay for, any software downloads to which you are not entitled. All Cisco Systems Operating System and application software licenses and downloads are governed by Cisco Systems' applicable End User License Agreement/Software License Agreement. By clicking Agree you further agree to abide by the terms and conditions set forth in Cisco Systems' End User License agreement/Software License Agreement and your service agreement.

If you click Agree, the End User License Agreement / Software License Agreement displays.

Step 4 Read the End User License Agreement / Software License Agreement carefully, and if you accept the terms, click Accept.

The software Download page appears. In few seconds, a File Download dialog box appears. If it does not appear, click the link provided in the page.

Step 5 Click Save and indicate where to save the file on your computer, such as /tmp, then click Save again.


Cisco Prime Access Registrar 6.0 Licensing

In Cisco Prime AR 6.0, licensing is based on transactions per second (TPS) or concurrent online/active subscribers/devices sessions (SUB). TPS is calculated based on the number of packets flowing into Cisco Prime AR. In Session based licensing model, the license is managed based on the number of sessions that resides in Cisco Prime AR. During Cisco Prime AR startup, either TPS based licensing or session based licensing model should be loaded.

The Remote Authentication Dial-In User Service (RADIUS) transaction in Cisco Prime AR constitutes:

Access-Request/Access-Accept pair

Access-Request/Access-Reject pair

Access-Request/Access-Challenge pair

Accounting-Request/Accounting-Response pair

Each pair (request and its response) is one transaction. In a proxy scenario, the additional traffic created by the proxy request from Cisco Prime AR and its response will not be considered as a different transaction. However, only those requests from the RADIUS client/NAS is taken as a transaction.

The Diameter transaction constitutes a complete Diameter-Request and Diameter-Answer.

Cisco Prime AR can be deployed in an active/stand-by server combination (with Sun, VERITAS, or RHEL clustering solution). The active server performs all the AAA functionality. Only if the active server goes down, Sun /VERITAS/RHEL cluster will trigger the stand-by server.

Cisco Prime AR can optionally be deployed in a two-tier architecture—front-end and back-end server. The front-end server performs AAA functions. The back-end server performs session management functions.

License Slabs

Greenfield customers can purchase Cisco Prime AR 6.0 version by purchasing the required part numbers. Cisco Prime AR is also available by e-delivery; with e-delivery, the licenses are obtained electronically. The licenses need to be ordered using the part numbers in Table 2.

Table 2 Cisco Prime AR 6.0 Ordering Information 

Part Number
Description

PRIME-ACC-REG

Physical delivery of Prime Access Registrar software/license.

R-PRIME-ACC-REG

Electronic delivery of Prime Access Registrar software/license.

PAR60-TPS-K9

Prime Access Registrar Base license for Solaris/Linux; support for RADIUS; required for each region, supports 100 transactions per second

PAR60-NG-TPS-K9

Prime Access Registrar Next Generation Base license for Solaris/Linux; required for each region, support for RADIUS, Diameter, and IPv6;
supports 100 transactions per second

PAR60-DIR-BASE-K9

Prime Access Registrar Director Base license; intelligent AAA proxy, and Accounting write support; Includes RADIUS support; required for each region;
supports 2000 transactions per second

PAR60-DIR-2KTPS

Prime Access Registrar Director Additional license;
supports 2000 transactions per second

PAR60-100TPS

Prime Access Registrar Additional License;
supports 100 transactions per second

PAR60-200TPS

Prime Access Registrar Additional License;
supports 200 transactions per second

PAR60-500TPS

Prime Access Registrar Additional License;
supports 500 transactions per second

PAR60-1000TPS

Prime Access Registrar Additional License;
supports 1000 transactions per second

PAR60-2000TPS

Prime Access Registrar Additional License;
supports 2000 transactions per second

PAR60-3000TPS

Prime Access Registrar Additional License;
supports 3000 transactions per second

PAR60-5000TPS

Prime Access Registrar Additional License;
supports 5000 transactions per second

PAR60-SUB-K9

Prime Access Registrar Subscriber Base license for Solaris/Linux; required for each region; support for RADIUS; supports up to 100,000 concurrent active sessions

PAR60-NG-SUB-K9

Prime Access Registrar Next Generation Subscriber Base license for Solaris/Linux; required for each region; support for RADIUS, Diameter, and IPv6; supports up to 100,000 concurrent active sessions

PAR60-100K

Prime Access Registrar Additional Subscriber License region;
supports 100,000 concurrent active sessions

PAR60-200K

Prime Access Registrar Additional Licenser;
supports 200,000 concurrent active sessions

PAR60-500K

Prime Access Registrar Additional License;
supports 500,000 concurrent active sessions

PAR60-1M

Prime Access Registrar Additional License;
supports 1 million concurrent active sessions

PAR60-2M

Prime Access Registrar Additional License;
supports 2 million concurrent active sessions


Upgrade Path

Existing Cisco Prime AR customers with versions 4.2 or 5.x can upgrade to Cisco Prime Access Registrar 6.0 by purchasing the appropriate upgrade part numbers listed in Table 3. For more information, please send an e-mail to ar-tme@cisco.com.

Table 3 Cisco Prime AR 6.0 Upgrade Ordering Information 

Part Number
Description

PAR60-UP-TPS-K9

Prime Access Registrar Upgrade Base license for Solaris/Linux; support for RADIUS; required for each region, supports 100 transactions per second

PAR60-UPNG-TPS-K9

Prime Access Registrar Upgrade Next Generation Base license for Solaris/Linux; required for each region, support for RADIUS, Diameter, and IPv6;
supports 100 transactions per second

PAR60-DIR-UP-K9

Prime Access Registrar Upgrade Director Base license; intelligent AAA proxy, and Accounting write support; Includes RADIUS support; required for each Access Registrar Director Base server;
supports 2000 transactions per second.

PAR60-UPD2KTPS

Prime Access Registrar Upgrade Director Additional License; supports 2000 transactions per second

PAR60-UP100TPS

Prime Access Registrar Upgrade Additional License;
supports 100 transactions per second.

PAR60-UP200TPS

Prime Access Registrar Upgrade Additional License;
supports 200 transactions per second.

PAR60-UP500TPS

Prime Access Registrar Upgrade Additional License;
supports 500 transactions per second.

PAR60-UP1KTPS

Prime Access Registrar Upgrade Additional License;
supports 1000 transactions per second.

PAR60-UP2KTPS

Prime Access Registrar Upgrade Additional License;
supports 2000 transactions per second.

PAR60-UP3KTPS

Prime Access Registrar Upgrade Additional License;
supports 3000 transactions per second.

PAR60-UP5KTPS

Prime Access Registrar Upgrade Additional License;
supports 5000 transactions per second.

PAR60-UP-SUB-K9

Prime Access Registrar Upgrade Subscriber Base license for Solaris/Linux; required for each region; support for RADIUS; supports 100,000 concurrent active sessions.

PAR60-UPNG-SUB-K9

Prime Access Registrar Upgrade Next Generation Subscriber Base license for Solaris/Linux; required for each region; support for RADIUS, Diameter, and IPv6; supports upto 100,000 concurrent active sessions.

PAR60-UP100K

Prime Access Registrar Upgrade Additional Subscriber License; supports upto 100,000 concurrent active sessions.

PAR60-UP200K

Prime Access Registrar Upgrade Additional Subscriber License; supports upto 200,000 concurrent active sessions.

PAR60-UP500K

Prime Access Registrar Upgrade Additional Subscriber License; supports upto 500,000 concurrent active sessions

PAR60-UP1M

Prime Access Registrar Upgrade Additional Subscriber License; supports upto 1 million concurrent active sessions

PAR60-UP2M

Prime Access Registrar Upgrade Additional Subscriber License; supports upto 2 million concurrent active sessions


Getting a Cisco Prime Access Registrar 6.0 License

When you order the Cisco Prime AR 6.0 product, a text license file will be sent to you by e-mail. If you are evaluating the software, Cisco will provide you with an evaluation license.

If you decide to upgrade your Cisco Prime AR software, a new text license file will be sent to you by e-mail.


Note While upgrading, the licenses of previous versions cannot be used with Cisco Prime AR 6.0. Backward compatibility support in terms of license will not be available in this version.


If you receive a Software License Claim Certificate, you can get your Cisco Prime AR license file at the following URL:

www.cisco.com/go/license


Note You need to be the registered user of Cisco.com to generate a Software License.


Within one hour of registration at the above website, you will receive your license key file and installation instructions in e-mail.

Installing Cisco Prime Access Registrar 6.0 Licenses

You must have a license in a directory on the Cisco Prime AR machine before you attempt to install Cisco Prime AR software. If you have not installed the Cisco Prime AR license file before beginning the software installation, the installation process will fail.

You can store the Cisco Prime AR license file in any directory on the Cisco Prime AR machine. During the installation process, you will be asked the location of the license file, and the installation process will copy the license file to the /opt/CSCOar/license directory, or $INSTALL/license directory if you are not using the default installation location.

The license file might have the name ciscoar.lic, but it can be any filename with the suffix .lic. To install the Cisco Prime AR license file, you can copy and paste the text into a file, or you can simply save the file you receive in e-mail to an accessible directory.

Adding Additional Cisco Prime Access Registrar 6.0 Licenses

If you add additional licenses, you can open the file in /opt/CSCOar/license and add additional lines to the license file, or you can create an additional license file to hold the new lines. If you add a new file, remember to give it a .lic suffix. You must restart the Cisco Prime AR server for the new license to take effect. To restart the Cisco Prime AR server, enter the following on the server command line:

/opt/CSCOar/bin/arserver  restart

Sample License File

The following is an example of a Cisco Prime AR 6.0 license file.

INCREMENT PAR-SIG-NG-SUB cisco 6.0 31-dec-2012 uncounted \
       VENDOR_STRING=<count>1</count> HOSTID=ANY \
       NOTICE="<LicFileID></LicFileID><LicLineID>0</LicLineID> \
       <PAK>dummyPak</PAK>" SIGN=14C9F856DABE
INCREMENT PAR-SIG-ADD-SUB cisco 6.0 31-dec-2012 uncounted \
       VENDOR_STRING=<count>100K</count> HOSTID=ANY \
       NOTICE="<LicFileID></LicFileID><LicLineID>1</LicLineID> \
       <PAK>dummyPak</PAK>" SIGN=DD81D17C2A1E
 
   

Displaying License Information

Cisco Prime AR provides two ways of getting license information using aregcmd:

aregcmd command-line option

Launching aregcmd

aregcmd Command-Line Option

Cisco Prime AR provides a new -l command-line option to aregcmd. The syntax is:

aregcmd -l directory_name

where directory_name is the directory where the Cisco Prime AR license file is stored. The following is an example of the aregcmd -l command:

aregcmd -l /opt/CSCOar/license    
Licensed Application: Cisco Prime Access Registrar (Standard Version)
 
   
 Following are the licensed components:
 
   
                          NAME     VERSION          EXPIRY_INFO       COUNT
                          ====     =======          ===========       =====
                    PAR-NG-TPS         6.0          09-Aug-2012         100
                    PAR-ADD-TPS        6.0          09-Aug-2012         100
 
   

Launching aregcmd

The Cisco Prime AR server displays license information when you launch aregcmd, as shown in the following:

aregcmd

Cisco Prime Access Registrar 6.0.0.0 Configuration Utility
Copyright (C) 1995-2012 by Cisco Systems, Inc. All rights reserved.
Logging in to localhost
 
   
[ //localhost ]
LicenseInfo = PAR-NG-TPS  6.0 (100TPS:expires on 09-Aug-2012)
             PAR-ADD-TPS  6.0  (100TPS:expires on 09-Aug-2012)
Radius/
Administrators/
 
   
Server 'Radius' is Running, its health is 10 out of 10