Presentation is loading. Please wait.

Presentation is loading. Please wait.

Installation. All Rights Reserved © Alcatel-Lucent 2007 2 | Installation Module Objectives  Installation  Startup and process monitoring  Uninstallation.

Published byClemence Hunter Modified over 8 years ago

Similar presentations

Presentation on theme: "Installation. All Rights Reserved © Alcatel-Lucent 2007 2 | Installation Module Objectives  Installation  Startup and process monitoring  Uninstallation."— Presentation transcript:

1 Installation

2 All Rights Reserved © Alcatel-Lucent 2007 2 | Installation Module Objectives  Installation  Startup and process monitoring  Uninstallation  Licensing models

3 All Rights Reserved © Alcatel-Lucent 2007 3 | Installation System Requirements  Have one of the supported platforms:  Solaris SPARC & x86: from 2.7 to 2.10  HP-UX 11.0  Compaq/DEC TRU-64 UNIX  RedHat Enterprise Linux  Windows 2000, 2003 & XP  MacOS: from 10.2 to 10.4  Java Virtual Machine (JRE, SDK ó J2SE)  J2SE 5.0  100 MB of free disk (without considering the accounting data)  256 MB of RAM per CPU (minimum)  512 MB recommended  A valid license file (Temporal or Permanent) *

4 All Rights Reserved © Alcatel-Lucent 2007 4 | Installation Installation process  The installation is completely guided  With or without graphical interface  8950 AAA software is the same for all platforms as it is based in Java  The Java JRE will be different based on the Operating system  The installation process is launched with:  setup.sh as “root” in UNIX/Linux  setup.sh –gui for graphical interface  setup.exe as “Administrator” in Windows

5 All Rights Reserved © Alcatel-Lucent 2007 5 | Installation Initial Installation Screen

6 All Rights Reserved © Alcatel-Lucent 2007 6 | Installation Java Version Check

7 All Rights Reserved © Alcatel-Lucent 2007 7 | Installation License Agreement

8 All Rights Reserved © Alcatel-Lucent 2007 8 | Installation Installation Directory  All of the files will be inside that directory

9 All Rights Reserved © Alcatel-Lucent 2007 9 | Installation Installation Type  It is possible to install both the SMT client and the 8950 AAA servers, or to install the SMT client only

10 All Rights Reserved © Alcatel-Lucent 2007 10 | Installation License File Location  The license is not necessary for the “SMT only” installation

11 All Rights Reserved © Alcatel-Lucent 2007 11 | Installation Login/Password for super-administrator

12 All Rights Reserved © Alcatel-Lucent 2007 12 | Installation * PolicyFlow vs. PolicyAssistant  There are many sample PolicyFlows, useful for learning

13 All Rights Reserved © Alcatel-Lucent 2007 13 | Installation Certificate Configuration  Necessary for SMT encryption, EAP-TLS/TTLS/PEAP and Diameter  By default, the country, state,.... are taken from the license.txt

14 All Rights Reserved © Alcatel-Lucent 2007 14 | Installation Setup Complete

15 All Rights Reserved © Alcatel-Lucent 2007 15 | Installation Automatic installation  The installation process can be done without any interaction from the user  Providing all installation parameters in the command line  If needing digital certificates for HTTPS/SSH/SSL, they will have to be generated later (with SMT or aaa-cert)  Example for Solaris: # mkdir /opt/AAA #./setup.sh -agree -adminUser admin -adminPass admin -server -dir /opt/AAA -license /tmp/license.txt -policySet quick-start -quiet

16 All Rights Reserved © Alcatel-Lucent 2007 16 | Installation Upgrading to another release  To upgrade, simply install the new version on the same directory, and select to keep existing configuration

17 All Rights Reserved © Alcatel-Lucent 2007 17 | Installation Manual start-up/shutdown of the servers  From the OS shell, in any platform:  /bin/aaa start, starts both server processes  /bin/aaa start policy - only for the PolicyServer  /bin/aaa start config- only for the SMT server  /bin/aaa stop, starts both server processes  From Windows, also from the Start Menu

18 All Rights Reserved © Alcatel-Lucent 2007 18 | Installation Automatic start-up/shutdown of the servers (Windows)  8950 AAA automatic start-up on the boot process, will vary depending on the platform  Windows:  8950 AAA servers will start as Windows services  It must be enabled manually to be started-up  Via the Services Window

19 All Rights Reserved © Alcatel-Lucent 2007 19 | Installation Automatic start-up/shutdown of the servers (Solaris)  Solaris  Create a shell script in the right directory as root #!/sbin/sh AAA_HOME=/opt/AAA [ ! -f $AAA_HOME/bin/va ] && exit case "$1" in 'start') cd $AAA_HOME bin/va start ;; 'stop') cd $AAA_HOME bin/va stop ;; *) echo "Usage: $0 { start | stop }" exit 1 ;; esac #!/sbin/sh AAA_HOME=/opt/AAA [ ! -f $AAA_HOME/bin/va ] && exit case "$1" in 'start') cd $AAA_HOME bin/va start ;; 'stop') cd $AAA_HOME bin/va stop ;; *) echo "Usage: $0 { start | stop }" exit 1 ;; esac # chmod u+x /etc/init.d/AAA # ln -s /etc/init.d/AAA /etc/rc3.d/S03AAA # ln -s /etc/init.d/AAA /etc/rc0.d/K03AAA # chmod u+x /etc/init.d/AAA # ln -s /etc/init.d/AAA /etc/rc3.d/S03AAA # ln -s /etc/init.d/AAA /etc/rc0.d/K03AAA /etc/init.d/AAA

20 All Rights Reserved © Alcatel-Lucent 2007 20 | Installation Check the servers are running  There are several ways to do it.  Some of them can vary depending on the platform root@formator:/opt/AAA/bin# aaa list 101 Server active 8950 AAA Policy Server: responding The server could not be reached: Connection refused 8950 AAA Configuration Server: not responding root@formator:/opt/AAA/bin# aaa list 101 Server active 8950 AAA Policy Server: responding The server could not be reached: Connection refused 8950 AAA Configuration Server: not responding root@formator# /usr/ucb/ps -axww |grep –i AAA | grep java 28091 pts/2 S 0:58 java -Xmx512m -server -XX:+UseParNewGC -XX:+UseConcMarkSweepGC –D sun.rmi.dgc.server.gcInterval=0x7FFFFFFFFFFFFFFE -Dsun.rmi.dgc.client.gcInterval=0x7FFFFFFFFFFFFFFE - Dva.base=/opt/AAA -Dva.run=/opt/Lucent/AAA/run -Dva.bin=/opt/Lucent/AAA/bin -Dva.lib=/opt/Lucent/AAA/lib - Dva.native=/opt//AAA/lib/SunOS-sparc com.lucent.aaa. PolicyServer 28520 pts/2 S 0:14 java -Dva.base=/opt/Lucent/AAA -Dva.run=/opt/Lucent/AAA/run Dva.bin=/opt/Lucent/AAA/bin - Dva.lib=/opt/Lucent/AAA/lib -Dva.native=/opt/Lucent/AAA/lib/SunOS-sparc com.lucent.aaa. ConfigServer root@formator# /usr/ucb/ps -axww |grep –i AAA | grep java 28091 pts/2 S 0:58 java -Xmx512m -server -XX:+UseParNewGC -XX:+UseConcMarkSweepGC –D sun.rmi.dgc.server.gcInterval=0x7FFFFFFFFFFFFFFE -Dsun.rmi.dgc.client.gcInterval=0x7FFFFFFFFFFFFFFE - Dva.base=/opt/AAA -Dva.run=/opt/Lucent/AAA/run -Dva.bin=/opt/Lucent/AAA/bin -Dva.lib=/opt/Lucent/AAA/lib - Dva.native=/opt//AAA/lib/SunOS-sparc com.lucent.aaa. PolicyServer 28520 pts/2 S 0:14 java -Dva.base=/opt/Lucent/AAA -Dva.run=/opt/Lucent/AAA/run Dva.bin=/opt/Lucent/AAA/bin - Dva.lib=/opt/Lucent/AAA/lib -Dva.native=/opt/Lucent/AAA/lib/SunOS-sparc com.lucent.aaa. ConfigServer : / run# cat policy.pid 28091 : / run# cat policy.pid 28091 : / run# cat config.pid 28520 : / run# cat config.pid 28520

21 All Rights Reserved © Alcatel-Lucent 2007 21 | Installation Running the servers as a non-root user  For extra security, some people prefer to run processes as a non-root user  The TCP/UDP ports should be above 1024. Be careful with:  Enabling the SNMP agent with the default UDP 161 port,  Using the DHCP plug-in (by default it uses UDP ports 67 or 68)  Using TACACS+ (TCP port 49)  Typical steps:  Create the non-root user with any name (I.e: aaa, va, etc)  Change the ownership of the 8950 AAA directories  root# chown – R aaa /opt/AAA  Start the 8950 AAA processes as the non-root user  root# su – aaa – c “ /opt/AAA/bin/aaa start ”

22 All Rights Reserved © Alcatel-Lucent 2007 22 | Installation Uninstallation  From Windows :  Startup Menu -> Configuration -> Control Pannel -> Add & Remove Programs  From UNIX, uninstallation process is launched using the same command as for installation, but using the "uninstall" option  cd /dir_with_AAA_installation_software ./setup.sh – uninstall, or ./setup.sh -uninstall -dir -quiet  Remove any file that may remain in the installation directory  All files are stored in the same directory *

23 All Rights Reserved © Alcatel-Lucent 2007 23 | Installation Version numbering  The version format is..  Major is a major release with new features  Minor is a minor release with some minor new features  Micro is a bug fix only release normally and may contain new customer specific / debugging features only.  Examples:  4.5.7  5.1.3  Licenses are bound to the major. If you upgrade to another major, you need a new license.

24 All Rights Reserved © Alcatel-Lucent 2007 24 | Installation license.txt  File containing the 8950 AAA license  Represents the customer rights to use  Without a valid license file, the PolicyServer won´t start  The same license is valid for every "major release" (1st number in the version)  A license for 4.5 won´t be valid for 5.1  A license for 5.0 will be valid for 5.1  To install a new license, simply put it under the /run directory, and restart the PolicyServer  The license validity is checked at startup and every day at midnight (00:00) * -----BEGIN 8950 AAA LICENSE----- Akk7PLLoXkEPXbkgmk59Dhh/HhIwALfTgjfRt+Ri/Rseh4LkDLrgoOVWwPo+pE1I tNeWvN0INeeefVJ7DHCWUkStHsiQBx4qrDZE0FWTjmctiWhER3zQSflG8fT6wXX5 ALTyihciszBWqD2VPBAReWFiJxBSZkyhkoatBiQjF8tOTHVjZW50IFRlY2hub2xv Z2llcwBodHRwOi8vd3d3Lmx1Y2VudC5jb20AQXZkYS4gQnJ1c2VsYXMgOABBbGNv YmVuZGFzAE1hZHJpZAAyODEwOABlcwBQZWRybyBWaXRvbgB2aXRvbkBsdWNlbnQu Y29tACszNCA5MSA3MTQgODY5MgAAAABFdmFsdWF0aW9uIExpY2Vuc2UAbHVjZW50 AAAA -----END 8950 AAA LICENSE----- -----BEGIN 8950 AAA LICENSE----- Akk7PLLoXkEPXbkgmk59Dhh/HhIwALfTgjfRt+Ri/Rseh4LkDLrgoOVWwPo+pE1I tNeWvN0INeeefVJ7DHCWUkStHsiQBx4qrDZE0FWTjmctiWhER3zQSflG8fT6wXX5 ALTyihciszBWqD2VPBAReWFiJxBSZkyhkoatBiQjF8tOTHVjZW50IFRlY2hub2xv Z2llcwBodHRwOi8vd3d3Lmx1Y2VudC5jb20AQXZkYS4gQnJ1c2VsYXMgOABBbGNv YmVuZGFzAE1hZHJpZAAyODEwOABlcwBQZWRybyBWaXRvbgB2aXRvbkBsdWNlbnQu Y29tACszNCA5MSA3MTQgODY5MgAAAABFdmFsdWF0aW9uIExpY2Vuc2UAbHVjZW50 AAAA -----END 8950 AAA LICENSE-----

25 All Rights Reserved © Alcatel-Lucent 2007 25 | Installation Licensing models  There are several types of licenses:  BP (Base Product): license per server (Ip address or host name)  For a redundant platform, at least 2 licenses are needed  Changing the host IP address means generating a new license –Not necessary if the license is bound to the host name, and the host name is maintained  SP (Service Provider), price independent of number of VA servers  Wi-Fi Edition: license for 2 servers  Evaluation: For 30 days and less than 15 NAS's  PolicyAssistant only: Without the option to create custom PolicyFlows  The price also depends on:  Number of clients (NAS|AP)  Number of ports (possible simultaneous sessions) and users  Special features enabled: HA-USS, EAP-SIM, EAP-AKA, LDAP interface on USS, possibility to modify the PF (not necessary if using the PA), Diameter, TACACS+, Lawful Intercept, etc.

26 All Rights Reserved © Alcatel-Lucent 2007 26 | Installation License.txt decoded

Download ppt "Installation. All Rights Reserved © Alcatel-Lucent 2007 2 | Installation Module Objectives  Installation  Startup and process monitoring  Uninstallation."

Similar presentations

What’s New: Windows Server 2012 R2 Tim Vander Kooi Systems Architect www.NetComLearning.com.

What’s New: Windows Server 2012 R2 Tim Vander Kooi Systems Architect
Linux+ Guide to Linux Certification, Second Edition

Linux+ Guide to Linux Certification, Second Edition
NETOP REMOTE CONTROL What’s new in version 9.5? DECEMBER 09 NETOP REMOTE CONTROL1.

NETOP REMOTE CONTROL What’s new in version 9.5? DECEMBER 09 NETOP REMOTE CONTROL1.
2.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 2: Installing Windows Server.

2.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 2: Installing Windows Server.
Linux+ Guide to Linux Certification, Second Edition Chapter 3 Linux Installation and Usage.

Linux+ Guide to Linux Certification, Second Edition Chapter 3 Linux Installation and Usage.
Chapter 2 Accessing Your System and the Common Desktop Environment.

Chapter 2 Accessing Your System and the Common Desktop Environment.
Network+ Guide to Networks, Fourth Edition Chapter 10 Netware-Based Networking.

Network+ Guide to Networks, Fourth Edition Chapter 10 Netware-Based Networking.
14.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

14.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
Optinuity Confidential. All rights reserved. C2O Configuration Requirements.

Optinuity Confidential. All rights reserved. C2O Configuration Requirements.
Lesson 22 – Introduction to Linux Systems Administration.

Lesson 22 – Introduction to Linux Systems Administration.
Lesson 5-Accessing Networks. Overview Introduction to Windows XP Professional. Introduction to Novell Client. Introduction to Red Hat Linux workstation.

Lesson 5-Accessing Networks. Overview Introduction to Windows XP Professional. Introduction to Novell Client. Introduction to Red Hat Linux workstation.
Security SIG: Introduction to Tripwire Chris Harwood John Ives.

Security SIG: Introduction to Tripwire Chris Harwood John Ives.
Lesson 4-Installing Network Operating Systems. Overview Installing and configuring Novell NetWare 6.0. Installing and configuring Windows 2000 Server.

Lesson 4-Installing Network Operating Systems. Overview Installing and configuring Novell NetWare 6.0. Installing and configuring Windows 2000 Server.
Hands-On Microsoft Windows Server 2003 Chapter 2 Installing Windows Server 2003, Standard Edition.

Hands-On Microsoft Windows Server 2003 Chapter 2 Installing Windows Server 2003, Standard Edition.
SETUP AND CONFIGURATIONS WEBLOGIC SERVER. 1.Weblogic Installation 2.Creating domain through configuration wizard 3.Creating domain using existing template.

SETUP AND CONFIGURATIONS WEBLOGIC SERVER. 1.Weblogic Installation 2.Creating domain through configuration wizard 3.Creating domain using existing template.
Introducing VMware vSphere 5.0

Introducing VMware vSphere 5.0
 Contents 1.Introduction about operating system. 2. What is 32 bit and 64 bit operating system. 3. File systems. 4. Minimum requirement for Windows 7.

 Contents 1.Introduction about operating system. 2. What is 32 bit and 64 bit operating system. 3. File systems. 4. Minimum requirement for Windows 7.
Tripwire Enterprise Server – Getting Started Doreen Meyer and Vincent Fox UC Davis, Information and Education Technology June 6, 2006.

Tripwire Enterprise Server – Getting Started Doreen Meyer and Vincent Fox UC Davis, Information and Education Technology June 6, 2006.
Installing Linux Redhat: A how to guide in installing and configuring Redhat 6.2.

Installing Linux Redhat: A how to guide in installing and configuring Redhat 6.2.
11 MAINTAINING THE OPERATING SYSTEM Chapter 5. Chapter 5: MAINTAINING THE OPERATING SYSTEM2 CHAPTER OVERVIEW Understand the difference between service.

11 MAINTAINING THE OPERATING SYSTEM Chapter 5. Chapter 5: MAINTAINING THE OPERATING SYSTEM2 CHAPTER OVERVIEW Understand the difference between service.

Similar presentations

Ads by Google