|
|
This chapter describes how to install and configure Cisco Secure ACS Appliance version 3.2. It contains the following sections:
Table 3-1 provides a high-level overview of the installation process.
| Task | Steps | References |
|---|---|---|
Attach the cable tray to the back panel of the Cisco Secure ACS Appliance |
||
| 4. Attach the rack mount brackets to the rack. | ||
| 1. Plug the network connection into the Ethernet NIC 1 port. | ||
| 1. Boot the Cisco Secure ACS Appliance and log in from a serial console.
2. Configure the initial Cisco Secure ACS Appliance connectivity by responding to the prompts. |
||
| 1. Reboot the Cisco Secure ACS Appliance. | ||
The second phase of Cisco Secure ACS Appliance configuration is performed via the HTML interface and is beyond the scope of this guide. |
Next Steps, and the User Guide for Cisco Secure ACS Appliance |
This section provides instructions for installing the Cisco Secure ACS Appliance in a rack. The rack must be properly secured to the floor, to the ceiling, or to an upper wall, and where applicable, to adjacent racks. The rack should be secured using floor and wall fasteners and bracing specified or approved by the rack manufacturer or by industry standards. Refer to the installation documentation from the rack manufacturer for precautionary warnings and information before you install the Cisco Secure ACS Appliance.
Before you install the Cisco Secure ACS Appliance in a rack, read Preparing Your Site for Installation, to familiarize yourself with proper site and environmental conditions. Failure to read and follow these guidelines could lead to an unsuccessful installation and possibly damage the system and components or injury to yourself. Follow the guidelines below when installing and servicing the Cisco Secure ACS Appliance:
 |
Warning Before working on a system that has an on/off switch, turn OFF the power and unplug the power cord. |
|
Warning Do not touch the power supply when the power cord is connected. For systems with a power switch, line voltages are present within the power supply even when the power switch is off and the power cord is connected. For systems without a power switch, line voltages are present within the power supply when the power cord is connected. |
See "Preparing for Installation," for additional safety information regarding installing the Cisco Secure ACS Appliance.
This section contains the following subsections:
The Cisco Secure ACS Appliance access panel can be removed to gain access to internal components or to allow clearance for attaching the optional cable support bracket.
|
Warning Before working on a system that has an on/off switch, turn OFF the power and unplug the power cord. |
|
Warning Before working on a chassis or working near power supplies, unplug the power cord on AC units. |
|
Warning Before opening the chassis, disconnect the telephone-network cables to avoid contact with telephone-network voltages |
|
Warning The safety cover is an integral part of the product. Do not operate the unit without the safety cover installed. Operating the unit without the cover in place will invalidate the safety approvals and pose a risk of fire and electrical hazards. |
 |
Caution Electrostatic discharge can damage electronic components. Be sure you are properly grounded if you may come in contact with components. |
To remove the Cisco Secure ACS Appliance access panel, follow these steps:
Step 2 Disconnect from network cabling.
Step 3 Hold down the two latches on the top of the access panel while sliding it toward the rear of the unit (about half an inch).
Step 4 Lift and remove the access panel.
 |
Tip Reverse this procedure to reattach the access panel. |
To install the Cisco Secure ACS Appliance in a rack, follow these steps:
a. Loosen the thumbnuts on each of the two rack rails provided.
b. Adjust the length of the rails so that the endplates fit on the outside of the rack.
Step 2 Attach the rails to the rack:
a. Using 8 screws that you provide, appropriate to the size of your rack (1/4-20 or M6 thread size suggested), fasten the front and back support plates of each rack rail to the front and back of the rack.
b. See Figure 3-1 for proper positioning of support plates.
Step 3 Attach the optional cable support bracket:
a. Remove the access panel. (See Accessing Internal Components).
b. On the left side of the back panel, hook the cable support bracket to the chassis.
c. Use the thumbnut on the right of the cable support bracket to fasten it to the back of the chassis.
e. Using the thumbnuts on the optional cable clamp tray, fasten it to the cable support bracket and to the rack rail.
|
Caution The rack-mount kit is not intended for use as a slide rail system. You must complete installation of the front-mount bracket assembly by securely fastening the chassis into the rack. |
Step 4 Fasten the chassis:
a. Slide the chassis into the rack rails.
b. Secure the chassis to the rack by tightening the two thumbnuts on the front panel of the chassis. (See item 1 on Figure 3-1.)
Use unshielded twisted pair (UTP) copper wire Ethernet cable, with standard RJ-45 compatible plugs, to connect Cisco Secure ACS Appliance to the network.
To connect the cables, follow these steps:
|
Tip The Ethernet port for NIC 1 is the lower of the two ethernet ports. Only one Ethernet port can be used at one time. |
Step 2 Open the cable clamp and route the Ethernet cable through it.
Step 3 Connect a console to the serial port on the back panel. To connect the console to the terminal port:
a. Attach a DB-9 to RJ-45 adapter (provided) to the serial port on the console.
b. Attach a DB-9 to RJ-45 adapter (provided) to the console serial port on the back panel of the Cisco Secure ACS Appliance.
c. Connect the console to the Cisco Secure ACS Appliance using an RJ-45 cable (provided).
d. Route the RJ45 cable through the cable clamp.
 |
Note The console terminal must be set to the VT 100 mode with 115200 baud, 8 bits, no parity, stops 1, and no flow control. |
|
Warning Do not work on the system or connect or disconnect cables during periods of lightning activity. |
Step 2 Route the power cable from the back of the chassis through the cable clamp.
Step 3 Close the cable clamp by sliding the two sides together and then tighten the thumbnuts on the clamp to secure the clamp closed.
Step 4 Connect the AC power receptacle to the AC power source with the provided power cable.
To power on the Cisco Secure ACS Appliance, press the power switch. (For location of the power switch, see Figure 1-2.
To turn power off, press and hold the power switch. The power switch is located on the front panel, see Figure 1-2. The power ON/OFF LED indicator is located directly above the power switch.
The system begins booting and sends messages to the console window. When the login: prompt appears, you can configure the system.
There are essentially four parts to configuring the Cisco Secure ACS Appliance. The first three steps are documented in this manual:
|
Note The fourth and final part of the configuration, which includes establishing administrative and user accounts and configuring network connections, is performed via the HTML interface and is detailed in the User Guide for Cisco Secure ACS Appliance. |
Before you can perform the initial configuration of Cisco Secure ACS Appliance, you must establish a serial console connection to it. This requires a PC, two DB-9 to RJ-45 adapters (provided), an RJ-45 cable (provided), and Telnet communications software (Hyper Terminal or equivalent).
To establish a serial console connection, follow these steps:
|
Note Step 1 should already have been done when you performed the procedure detailed in Connecting Cables, page 3-8. |
a. Attach a DB-9 to RJ-45 adapter (provided) to the serial port of the console.
b. Attach a DB-9 to RJ-45 adapter (provided) to the serial port of the Cisco Secure ACS Appliance. For the location of the serial port, see Figure 1-3.
c. Use an RJ-45 cable (provided) to connect the console to the Cisco Secure ACS Appliance.
|
Tip You may also use a serial concentrator connection, if desired. |
Step 2 Power on Cisco Secure ACS Appliance and the console, and open your Telnet communications software on the console.
|
Note Serial console service starts when Cisco Secure ACS Appliance boots up. |
Step 3 Set your Telnet software to operate with the following settings:
Result: The login: prompt appears.
You must configure the Cisco Secure ACS Appliance when you boot the system for the first time, and whenever you re-image the system.
Before you begin to configure the appliance, you should have the following information at hand:
To configure the Cisco Secure ACS Appliance, follow these steps:
|
Note If the Cisco Secure ACS Appliance is not configured (that is, it is new or has been re-imaged) the system displays the system information—including the software version. |
Step 2 Confirm that the following information is displayed above the login: prompt:
Step 3 At the login: prompt, type Administrator and then press Enter.
|
Note When you boot the system for the first time, it is not configured. Logging in as Administrator allows you to configure the system. |
Result: The system displays the password: prompt.
Step 4 At the password: prompt, type setup and press Enter.
Result: The system displays the following message on the console:
Step 5 At the ACS Appliance name [deliverance1]: prompt, type the name you intend to use for your Cisco Secure ACS Appliance, and then press Enter.
|
Tip The name can contain up to 15 letters and numbers, but no spaces. |
Result: The system displays the following message on the console:
Step 6 At the DNS domain [ ]: prompt, type the domain name. Then press Enter.
Result: The system displays the following message on the console:
Step 7 At the Enter new account name: prompt, type the Cisco Secure ACS Appliance administrator account name, and then press Enter.
|
Tip There is only one Cisco Secure ACS Appliance administrator account at a given time. The account's credentials can be changed. For more information see "Resetting the Appliance Administrator Password." |
Step 8 At the Enter new password: prompt, type the new Cisco Secure ACS Appliance password and press Enter.
|
Note The new password must contain a minimum of 6 characters, and it must include a mix of at least 3hree character types (uppercase letters, lowercase letters, digits, and special characters). Each of the following examples is acceptable: 1PaSsWoRd, *password44, Pass*word. The password cannot contain the account name. |
Step 9 At the Enter new password again: prompt, type the new Cisco Secure ACS Appliance password, and then press Enter.
Result: The system displays the following message on the console:
Step 10 At the Use Static IP Address [Yes]: prompt, type Y for yes or N for No, and then press Enter.
|
Note Whether set directly (by answering Y to this step), or by using an alternative network device (for example, a DHCP server), a static IP address must be assigned to your Cisco Secure ACS Appliance. |
Step 11 The following prompts appear only if you set a static IP address manually. Otherwise the following message appears:
a. To specify the Cisco Secure ACS Appliance IP address, at the IP Address [xx.xx.xx.xx]: prompt, type the IP address, and then press Enter.
b. At the Subnet Mask [xx.xx.xx.xx]: prompt, type the subnet mask value, and then press Enter.
c. At the Default Gateway [xx.xx.xx.xx]: prompt, type the default gateway value, and then press Enter.
d. At the DNS Servers [xx.xx.xx.xx]: prompt, type the address of any DNS servers you intend to use (separate each by a single space), and then press Enter.
|
Note If you do not intend to use a DNS server, enter any IP address at the DNS Servers [xx.xx.xx.xx]: prompt. If you do not configure the Cisco Secure ACS Appliance to use a DNS server, you must respond to all prompts for "hostname or IP address" only with an IP address. |
Result: The system displays the new configuration information followed by the following message:
Result: The system displays the following message:
|
Tip This step is essentially executing a ping command to ensure the connectivity of the Cisco Secure ACS Appliance. |
g. At the prompt, Enter hostname or IP address:, type the IP address or hostname of a device connected to the Cisco Secure ACS Appliance and then press Enter.
Result: If successful, the system displays the ping statistics. The system displays the prompt: Test network connectivity [Yes]:.
h. If network connectivity is proven okay in the previous two steps, at the prompt, Test network connectivity [Yes]:, type N, and then press Enter.
|
Tip The system continues to provide you with the opportunity to test network connectivity until you answer no. This gives you an opportunity, if required, to correct network connections or retype the IP address. |
Step 12 If the settings have been correctly displayed, at the prompt, Accept network setting [Yes]:, type Y, and then press Enter.
Result: The system displays the following message on the console:
Step 13 To set the time and date of the Cisco Secure ACS Appliance, at the Change Date & Time Setting [N]: prompt, type Y, and then press Enter.
Result: The system displays a numbered list of time zones.
Step 14 At the Enter desired time zone index (0 for more choices): prompt, type the index number of the time zone you want set, and then press Enter.
Result: The system displays the new time zone.
Step 15 At the Synchronize with NTP server? [N]: prompt, do one of the following:
a. To set the time manually, type N, and then press Enter.
b. To use an NTP server for setting time, type Y, and when prompted enter the IP address of the NTP server you want to use.
Result: The system displays a confirmation message reflecting your choice.
Step 16 At the Enter date [mm/dd/yyyy]: prompt, type the date in the given format, and then press Enter.
Step 17 At the Enter time [hh:mm:ss]: prompt, type the current time in the given format, and then press Enter.
Result: The system displays the following message on the console:
To verify that you have correctly completed the Cisco Secure ACS Appliance initial configuration, follow these steps:
Establish a serial console connection to the Cisco Secure ACS Appliance. For details see Establishing a Serial Console Connection.
Result: When the systems finish booting, a login: prompt appears on the console.
Step 2 At the login: prompt, type the new administrator name, press Enter, and then at the password: prompt, enter the password you created during initial configuration.
Result: The system prompt appears.
Step 3 At the system prompt, type the show command, and then press Enter.
Result: The system displays status information.
Step 4 Verify the information displayed.
After you have successfully performed the procedures in this guide, your Cisco Secure ACS Appliance is installed and initially configured. The next step is to use a browser and the HTML interface to fully configure your Cisco Secure ACS Appliance to provide the AAA services you want from this installation. The HTML address is in the following format: HTTP//[ip address]:2002, where ip address is the address you assign during configuration.
For information on setting up user, group, network, and other parameters, see the User Guide for Cisco Secure ACS Appliance.
Posted: Fri Jun 20 09:02:12 PDT 2003
All contents are Copyright © 1992--2003 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.
