Installation and Configuration Guide for Cisco Secure ACS Remote Agents 4.2 - Installing Cisco Secure ACS Remote Agent for Solaris [Cisco Secure Access Control Server Solution Engine]

Table Of Contents

Installing Cisco Secure ACS Remote Agent for Solaris

System Requirements

ACS Requirements

Hardware Requirements

Operating System Requirements

Environment Variable Settings

Network Requirements

Installing a Remote Agent for Solaris

Uninstalling ACS Remote Agent for Solaris

Upgrading ACS Remote Agent for Solaris

Installing Cisco Secure ACS Remote Agent for Solaris

This chapter provides information about installing Cisco Secure Access Control Server (ACS) Remote Agent for Solaris.

This chapter contains:

•System Requirements

•Network Requirements

•Installing a Remote Agent for Solaris

•Uninstalling ACS Remote Agent for Solaris

•Upgrading ACS Remote Agent for Solaris

System Requirements

The computer on which ACS Remote Agent for Solaris is running must contain:

•ACS Requirements

•Hardware Requirements

•Operating System Requirements

•Environment Variable Settings

ACS Requirements

You must use ACS Remote Agent for Solaris, version 4.2, with ACS SE, version 4.2. We do not support other Cisco Secure ACS releases.

Hardware Requirements

The computer running ACS Remote Agent for Solaris must meet these requirements:

•SPARC architecture

•256 MB of RAM

•250 MB of free disk space

For the most recent information about tested hardware, see the Release Notes for Cisco Secure ACS Solution Engine 4.2. The current version of the release notes are posted on Cisco.com.

Operating System Requirements

The computer on which ACS Remote Agent for Solaris is running must use Solaris 2.8 or Solaris 2.9.

For the most recent information about tested operating systems, see the Release Notes for Cisco Secure ACS Solution Engine 4.2. The current version of the release notes are posted on Cisco.com.

Environment Variable Settings

The environment variable LD_LIBRARY_PATH must be set with the path for the file libstdc++.so*.

Example:

If libstdc++.so is in directory /router/lib, then root must have the following settings in .profile:
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/router/lib
export LD_LIBRARY_PATH
Network Requirements

Before you install ACS Remote Agent, ensure that the:

•Computer running ACS Remote Agent for Solaris can ping the ACS SEs that it is to support.

•Gateway devices permit traffic between the computer running ACS Remote Agent for Windows and the ACS SE. Specifically, the remote agent must receive TCP communication on the TCP ports that you configure in CSAgent.ini. If ACS uses all services, the default TCP ports are 2004, 2006, and 2007. The appliance must receive TCP communication on TCP port 2003.

Note By using the CSAgent.ini file, you can configure the ports that the Remote Agent uses to communicate with ACS. If you change the communication ports, you must configure intervening gateway devices to permit TCP traffic on the ports that you configure the Remote Agent to use. For more information about changing the ports that a Remote Agent uses, see Configuring a Remote Agent.

Installing a Remote Agent for Solaris

Before You Begin

Determine the IP address of the ACS SE that will be the configuration provider for this remote agent. For more information about configuration providers, see Configuration Provider.

For information about prerequisites before installing ACS Remote Agent for Solaris, see System Requirements.

If a previous version of ACS Remote Agent for Solaris is installed on the machine, you must uninstall it before you install ACS Remote Agent for Solaris 4.2. See Upgrading ACS Remote Agent for Solaris.

Note If SA (Security Agent) is enabled on the machine, you must disable it before installing ACS Remote Agent for Solaris 4.2.

To install ACS Remote Agent for Solaris:

Step 1 On the ACS Software Migration CD, find the installation file for ACS Remote Agent for Solaris. The file name is typically CSCOacsag.version.platform.tar.

Note You can also download the installation file from Cisco.com. Log in to Cisco.com, choose Technical Support > Downloads and then locate the software download page for ACS SE. Remote agent software resides on the Strong Cryptographic 3DES Software page for ACS SE.

Step 2 Place the Solaris remote agent file in a location that is accessible from the Solaris server on which you want to install the remote agent.

Step 3 On the Solaris server on which you want to install the Solaris remote agent, log in as root.

Note If you cannot access the server as root, log in to the server as any user that has permission to use the sudo command.

Step 4 Access a shell command prompt and change directories to the directory in which you saved the downloaded Solaris remote agent file.

Step 5 Copy the remote agent installation package to the /tmp directory. For example, enter:

cp CSCOacsag.version.platform.tar /tmp

where version is the version of the remote agent and platform is the platform identifier string.

Step 6 Change directories to the /tmp directory. Enter:
cd /tmp 
Press Enter.

Step 7 Unpack the remote agent software package. Enter:

tar xf CSCOacsag.version.platform.tar

Press Enter.

Step 8 Install the remote agent software package. Enter:
pkgadd -d . CSCOacsag 
Press Enter.

Tip If you are not logged in as root, use the sudo command; for example:
sudo pkgadd -d . CSCOacsag.

The software installation begins. The Enter Appliance name/IP: prompt appears. The appliance in this case is the configuration provider for the remote agent.

Step 9 Enter the hostname or IP address of the ACS SE that is the configuration provider for this remote agent. Press Enter.

Note If you enter a hostname, be sure that DNS is operating correctly or that the appliance hostname is in the local hosts file.

Tip You can edit the IP address or hostname of the configuration provider after completing the installation. For more information, see Configuring a Remote Agent.

•The installation script verifies:

•The IP address or hostname that you specified.

•Records the validated information in the CSAgent.ini file.

•Continues the installation.

•The following message and prompt appear:
Do you like to use CSUnix output format? [n] [y,n,?] 
Step 10 Do one of the following, depending on what format you want to use for the:

•CSUnix log format, enter Y, and press Enter.

•CSV log format, enter N, and press Enter.

For more information about CSUnix log format, see the discussion of the CSUnixOutput option in CSAgent.ini Settings.

Tip You can edit the setting for the CSUnix Output option after completing the installation. For more information, see Configuring a Remote Agent.

The installation script records your log format selection in the CSAgent.ini file and continues the installation. The following message and prompt appear:
This package contains scripts that will be executed with super-user permission during the 
process of installing this package. 
 
Do you want to continue with the installation of <CSCOacsag> [y,n,?] 
Step 11 To continue with the installation, enter Y, and press Enter.

Note If you enter N, the installation exits and the remote agent software is not installed.

The Solaris remote agent software is installed on the Solaris server.

Where to go next

•If you want to configure the remote agent, see Configuring a Remote Agent.

Note The installation provides a default configuration, including specifying the configuration provider; however, you may want to configure the ports on which the remote agent communicates with the configuration provider and other ACS SEs.

•To start remote agent services, see Stopping and Starting Remote Agent Services.

Uninstalling ACS Remote Agent for Solaris

Note If you do not intend to reinstall ACS Remote Agent for Solaris on this computer, remove the applicable remote agent configurations from all ACS SEs.

Before You Begin

Note Uninstalling a Solaris remote agent requires root privileges or permission to use the sudo command.

To uninstall ACS Remote Agent for Solaris:

Step 1 On the Solaris server running the remote agent, log in as root.

Note If you cannot access the server as root, log in to the server as any user that has permission to use the sudo command.

Step 2 Access a shell command prompt.

Step 3 Enter:
pkgrm CSCOacsag 
Press Enter.

Tip If you are not logged in as root, use the sudo command, for example, sudo pkgrm CSCOacsag.

The following prompt appears:
Do you want to remove this package? 
Step 4 Enter Y, and press Enter.

The following prompt appears:
This package contains scripts which will be executed  
with super-user permission during the process of removing  
this package. 
 
Do you want to continue with the removal of this package  
[y,n,?,q] ? 
Step 5 Enter Y, and press Enter.

The previous command removes the remote agent software from the Solaris server.

Upgrading ACS Remote Agent for Solaris

The upgrade process entails uninstalling the old version of the remote agent and installing the new version.

To upgrade ACS Remote Agent for Solaris:

Step 1 Remove the old version of the remote agent by performing the steps in Uninstalling ACS Remote Agent for Solaris.

Step 2 Using the version of ACS Remote Agent for Solaris to which you want to upgrade, perform the steps in Installing a Remote Agent for Solaris.

	Installation and Configuration Guide for Cisco Secure ACS Remote Agents 4.2
	Installing Cisco Secure ACS Remote Agent for Solaris
Installation and Configuration Guide for Cisco Secure ACS Remote Agents 4.2 Preface Introduction to Cisco Secure ACS Remote Agents Installing Cisco Secure ACS Remote Agent for Windows Installing Cisco Secure ACS Remote Agent for Solaris Configuring and Maintaining a Remote Agent Index	Download this chapter Installing Cisco Secure ACS Remote Agent for Solaris Download the complete book Installation and Configuration Guide for Cisco Secure ACS Remote Agents 4.2 (PDF - 870 KB) Feedback Table Of Contents Installing Cisco Secure ACS Remote Agent for Solaris System Requirements ACS Requirements Hardware Requirements Operating System Requirements Environment Variable Settings Network Requirements Installing a Remote Agent for Solaris Uninstalling ACS Remote Agent for Solaris Upgrading ACS Remote Agent for Solaris Installing Cisco Secure ACS Remote Agent for Solaris This chapter provides information about installing Cisco Secure Access Control Server (ACS) Remote Agent for Solaris. This chapter contains: •System Requirements •Network Requirements •Installing a Remote Agent for Solaris •Uninstalling ACS Remote Agent for Solaris •Upgrading ACS Remote Agent for Solaris System Requirements The computer on which ACS Remote Agent for Solaris is running must contain: •ACS Requirements •Hardware Requirements •Operating System Requirements •Environment Variable Settings ACS Requirements You must use ACS Remote Agent for Solaris, version 4.2, with ACS SE, version 4.2. We do not support other Cisco Secure ACS releases. Hardware Requirements The computer running ACS Remote Agent for Solaris must meet these requirements: •SPARC architecture •256 MB of RAM •250 MB of free disk space For the most recent information about tested hardware, see the Release Notes for Cisco Secure ACS Solution Engine 4.2. The current version of the release notes are posted on Cisco.com. Operating System Requirements The computer on which ACS Remote Agent for Solaris is running must use Solaris 2.8 or Solaris 2.9. For the most recent information about tested operating systems, see the Release Notes for Cisco Secure ACS Solution Engine 4.2. The current version of the release notes are posted on Cisco.com. Environment Variable Settings The environment variable LD_LIBRARY_PATH must be set with the path for the file libstdc++.so. Example: If libstdc++.so* is in directory /router/lib, then root must have the following settings in .profile: LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/router/lib export LD_LIBRARY_PATH Network Requirements Before you install ACS Remote Agent, ensure that the: •Computer running ACS Remote Agent for Solaris can ping the ACS SEs that it is to support. •Gateway devices permit traffic between the computer running ACS Remote Agent for Windows and the ACS SE. Specifically, the remote agent must receive TCP communication on the TCP ports that you configure in CSAgent.ini. If ACS uses all services, the default TCP ports are 2004, 2006, and 2007. The appliance must receive TCP communication on TCP port 2003. Note By using the CSAgent.ini file, you can configure the ports that the Remote Agent uses to communicate with ACS. If you change the communication ports, you must configure intervening gateway devices to permit TCP traffic on the ports that you configure the Remote Agent to use. For more information about changing the ports that a Remote Agent uses, see Configuring a Remote Agent. Installing a Remote Agent for Solaris Before You Begin Determine the IP address of the ACS SE that will be the configuration provider for this remote agent. For more information about configuration providers, see Configuration Provider. For information about prerequisites before installing ACS Remote Agent for Solaris, see System Requirements. If a previous version of ACS Remote Agent for Solaris is installed on the machine, you must uninstall it before you install ACS Remote Agent for Solaris 4.2. See Upgrading ACS Remote Agent for Solaris. Note If SA (Security Agent) is enabled on the machine, you must disable it before installing ACS Remote Agent for Solaris 4.2. To install ACS Remote Agent for Solaris: Step 1 On the ACS Software Migration CD, find the installation file for ACS Remote Agent for Solaris. The file name is typically CSCOacsag.version.platform.tar. Note You can also download the installation file from Cisco.com. Log in to Cisco.com, choose Technical Support > Downloads and then locate the software download page for ACS SE. Remote agent software resides on the Strong Cryptographic 3DES Software page for ACS SE. Step 2 Place the Solaris remote agent file in a location that is accessible from the Solaris server on which you want to install the remote agent. Step 3 On the Solaris server on which you want to install the Solaris remote agent, log in as root. Note If you cannot access the server as root, log in to the server as any user that has permission to use the sudo command. Step 4 Access a shell command prompt and change directories to the directory in which you saved the downloaded Solaris remote agent file. Step 5 Copy the remote agent installation package to the /tmp directory. For example, enter: cp CSCOacsag.version.platform.tar /tmp where version is the version of the remote agent and platform is the platform identifier string. Step 6 Change directories to the `/tmp directory`. Enter: cd /tmp Press Enter. Step 7 Unpack the remote agent software package. Enter: tar xf CSCOacsag.version.platform.tar Press Enter. Step 8 Install the remote agent software package. Enter: pkgadd -d . CSCOacsag Press Enter. Tip If you are not logged in as root, use the sudo command; for example: sudo pkgadd -d . CSCOacsag. The software installation begins. The `Enter Appliance name/IP:` prompt appears. The appliance in this case is the configuration provider for the remote agent. Step 9 Enter the hostname or IP address of the ACS SE that is the configuration provider for this remote agent. Press Enter. Note If you enter a hostname, be sure that DNS is operating correctly or that the appliance hostname is in the local hosts file. Tip You can edit the IP address or hostname of the configuration provider after completing the installation. For more information, see Configuring a Remote Agent. •The installation script verifies: •The IP address or hostname that you specified. •Records the validated information in the CSAgent.ini file. •Continues the installation. •The following message and prompt appear: Do you like to use CSUnix output format? [n] [y,n,?] Step 10 Do one of the following, depending on what format you want to use for the: •CSUnix log format, enter Y, and press Enter. •CSV log format, enter N, and press Enter. For more information about CSUnix log format, see the discussion of the CSUnixOutput option in CSAgent.ini Settings. Tip You can edit the setting for the CSUnix Output option after completing the installation. For more information, see Configuring a Remote Agent. The installation script records your log format selection in the CSAgent.ini file and continues the installation. The following message and prompt appear: This package contains scripts that will be executed with super-user permission during the process of installing this package. Do you want to continue with the installation of <CSCOacsag> [y,n,?] Step 11 To continue with the installation, enter Y, and press Enter. Note If you enter N, the installation exits and the remote agent software is not installed. The Solaris remote agent software is installed on the Solaris server. Where to go next •If you want to configure the remote agent, see Configuring a Remote Agent. Note The installation provides a default configuration, including specifying the configuration provider; however, you may want to configure the ports on which the remote agent communicates with the configuration provider and other ACS SEs. •To start remote agent services, see Stopping and Starting Remote Agent Services. Uninstalling ACS Remote Agent for Solaris Note If you do not intend to reinstall ACS Remote Agent for Solaris on this computer, remove the applicable remote agent configurations from all ACS SEs. Before You Begin Note Uninstalling a Solaris remote agent requires root privileges or permission to use the sudo command. To uninstall ACS Remote Agent for Solaris: Step 1 On the Solaris server running the remote agent, log in as root. Note If you cannot access the server as root, log in to the server as any user that has permission to use the sudo command. Step 2 Access a shell command prompt. Step 3 Enter: pkgrm CSCOacsag Press Enter. Tip If you are not logged in as root, use the sudo command, for example, sudo pkgrm CSCOacsag. The following prompt appears: Do you want to remove this package? Step 4 Enter Y, and press Enter. The following prompt appears: This package contains scripts which will be executed with super-user permission during the process of removing this package. Do you want to continue with the removal of this package [y,n,?,q] ? Step 5 Enter Y, and press Enter. The previous command removes the remote agent software from the Solaris server. Upgrading ACS Remote Agent for Solaris The upgrade process entails uninstalling the old version of the remote agent and installing the new version. To upgrade ACS Remote Agent for Solaris: Step 1 Remove the old version of the remote agent by performing the steps in Uninstalling ACS Remote Agent for Solaris. Step 2 Using the version of ACS Remote Agent for Solaris to which you want to upgrade, perform the steps in Installing a Remote Agent for Solaris.
	Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks