background image

RAD-Series 7.1 Getting Started Guide

Interlink Networks, Inc.

Page 6

Installing RAD-Series Software

To install the software:

1

Log on as root. 

2

Run the installer: 

# sh /

download directory path

/RAD-Series.7.1.0.linux.i686.bin 

Note:

 The installer will prompt you for each step of the process. To return to a previous step, enter 

back

 

until you reach the form you need. To exit the installer, enter 

quit.

3

Enter the option number for each component to install on this machine, separated by commas 

(no spaces). For example:

ENTER A COMMA-SEPARATED LIST OF NUMBERS REPRESENTING THE COMPONENTS
TO BE INSTALLED:

 1,2

Your options are:

4

Enter the installation directory for each file type. To accept the default directories, just press 

Enter at each prompt.

If this is a fresh installation, then also:

5

Enter a shared secret. This is a code used to establish a trust relationship between the AAA 

Server and its test utility. It cannot be more than 255 characters or contain spaces. The default 

is 

secret

.

6

Enter a test user password. This password is used to test installation. The user password 

cannot have spaces or the backslash character. The default is 

password

.

Option

Component

Required

1

Server—the AAA Server programs, 
configuration files, libraries, plug-ins

On each host machine.

2

Server Manager—the browser-based 
interface for configuring and administering 
the server(s)

On a local server host machine. Only one 
installation is needed.

3

Remote Control—the RMI objects that 
facilitate communication between the 
Server Manager program and remote 
servers that host the AAA Server software

On each machine you will administer 
remotely. You do not need Server Manager 
on these machines.

4

Oracle server—the db_srv daemon that 
provides the interface between the Oracle 
database and AAA Server.

On the machine that hosts the Oracle 
database. If not the same as the AAA 
Server host, install this component later on 
the Oracle host.

Summary of Contents for 7.1

Page 1: ...RAD Series AAA Server Getting Started Guide Version 7 1 for Linux Technical Document ...

Page 2: ...ithout notice Interlink Networks does not guarantee the accuracy of the information Trademark Information Brand or product names may be registered trademarks of their respective owners Revision History Interlink Networks Inc 650 Avis Drive Suite 300 Ann Arbor MI 48108 Main 734 821 1200 Sales 734 821 1228 Fax 734 821 1235 Website www interlinknetworks com Date Version Type 9 2005 7 1 0 New Product ...

Page 3: ...er Installing 4 Certificates 4 Installation 5 Installation Process 5 Installing RAD Series Software 6 Installation Directories 8 Uninstalling RAD Series Software 9 Starting Server Manager 9 Changing the Server Manager Port 10 Stopping Server Manager 10 Starting Remote Control 10 Accessing Server Manager 10 Adding Servers to Server Manager 11 Starting the Server 11 Testing Server Installation 12 Co...

Page 4: ...nfigurations 15 Define Access Devices 15 Define Local Realms 16 Save Configurations 17 Reloading the Server 17 Securing the Server 17 Basic Server Administration 19 Licensing 20 Ordering a License 20 Installing the License 20 Technical Support 21 Web Site 21 Help Desk 21 ...

Page 5: ...ou will install the software Know the hardware and software profiles of the server machines and other devices used throughout the network Know how you will store user profiles for those accessing the network For wireless know the EAP methods and user name formats used Notational Conventions Text in this guide is marked in different styles to denote various things Text Marked Indicates Fixed width ...

Page 6: ...d Interoperable Devices and Software Tables for RAD Series Server for a list of compatible hardware and software Specification Requirement Operating System Platform Red Hat Enterprise Server 2 0 on Intel hardware Memory 64 MB RAM minimum 128 MB RAM or higher recommended Disk Space 82 MB for server and Server Manager 100 MB temporary space for installer Additional disk space will be required depend...

Page 7: ...ion files to the subdirectory backup_raddb timestamp in the configuration file directory If you re converting from a version earlier than 6 0 x check the conversion of your vendors dictionary and fsm files In some cases these may need to be manually updated to include 7 1 0 content Finite State Machine fsm files that have been modified from the installation default are not converted with the 7 1 0...

Page 8: ...certificate key file and self signed certificate authority list that can be used for preliminary testing However if your application requires certificates you should replace these with your own files before the server goes into production The following authentication methods require a server side certificate PEAP MSCHAP PEAP MD5 PEAP GTC TLS TTLS TTLS MD5 TTLS PAP TTLS CHAP TTLS MSCHAP ...

Page 9: ... program on any machines where it is installed 4 Access the Server Manager 5 Add remote servers if any to Server Manager 6 Start the server s from Server Manager 7 Test installation using the preset configuration Note This test can only be performed on the machine hosting the Server Manager program At the conclusion of this process you ll Know that the server software is installed and working prop...

Page 10: ...nship between the AAA Server and its test utility It cannot be more than 255 characters or contain spaces The default is secret 6 Enter a test user password This password is used to test installation The user password cannot have spaces or the backslash character The default is password Option Component Required 1 Server the AAA Server programs configuration files libraries plug ins On each host m...

Page 11: ...tworks Inc Page 7 7 Enter a Server Manager user name This is the name you ll use to log on to Server Manager The default is adminaaa 8 Enter a Server Manager password This is the password you ll use to log on to Server Manager The default is adminaaa ...

Page 12: ...all Uninstaller opt aaa aatv Plug ins opt share aaa man MAN pages opt share aaa doc PDF documentation etc opt aaa Configuration files including dictionary and vendors files fsm files sample finite state machine FSM tables etc opt aaa proldap Schema files and sample LDIF files for LDAP authentication etc opt aaa security Certificates and keys for TLS TTLS and PEAP authentication etc opt aaa fsm7 1 ...

Page 13: ...d workstation that has a browser and a Java Run Time Environment installed Server Manager can be set up to make a Secure Socket Layer https connection to administrator workstations See Configuring Server Manager for SSL in the RAD Series Administrator s Guide The steps below show how to start Server Manager using a non secure http connection We recommend doing this to complete the initial server s...

Page 14: ... use 4 Save and close server xml 5 Stop and restart Server Manager Stopping Server Manager To stop the Server Manager program 1 Change directory to Server Manager directory bin 2 Run shutdown sh Starting Remote Control On each machine where you ve installed Remote Control 1 Change directory to Remote Control directory 2 Run rmistart sh Accessing Server Manager Once the Server Manager program is st...

Page 15: ... the list of servers managed by Server Manager 1 Access the Server Manager 2 In the Navigation tree on the left click Managed Servers 3 In the main area on the right click the Connect to Server link 4 Enter a Name for the server to appear in Server Manager This doesn t have to be the actual server name just an identifier 5 Enter the server s IP address or fully qualified domain name 6 Click Create...

Page 16: ...aaa lib by default export LD_LIBRARY_PATH server library path 5 Change directory to server binary path opt aaa bin by default 6 Run radpwtst s localhost test_user 7 When prompted enter the test user password you specified during installation A message appears summarizing authentication If the server is authenticating properly the final line in the message is test_user authentication OK 8 To termin...

Page 17: ...you ll have At least one realm defined At least one user set up for authentication using your method Using Server Manager We recommend using Server Manager rather than command line functions to perform basic AAA Server configuration and administration Server Manager works by loading a duplicate of the current server configuration into a temporary workspace After you ve made your changes in the wor...

Page 18: ...ed here 3 Workspace frame This area contains the controls for configuring and administering servers It changes based on the task you ve selected 4 Message frame This area shows the results of log file searches and server commands Each Workspace page contains both buttons and links you can use to drill down to other forms Hover over any button to see what it does Required fields are marked with an ...

Page 19: ... 3 Click Load You ll be notified when the transfer is complete Define Access Devices Enter the IP address and a shared secret for each access point in your network You can enter any valid IP address e g 192 44 3 11 or fully qualified DNS name e g nas yourcompany com The shared secret is the code that will be used to establish a trust relationship between the access device and the server The shared...

Page 20: ...r a realm name click the NULL link If users do have to enter a realm name click the Add New Realm link and enter it in Name 3 Choose the User Profile Storage type from the drop down New realms default to LDAP storage 4 If this is a wireless network and additional parameters appear under Security Method Click EAP Authentication Choose all the EAP methods used by this realm Use CTRL Click to select ...

Page 21: ...ect the server 3 In the Workspace frame click Restart Securing the Server We recommend doing the following to make the server more secure before putting it into production Instructions for each of these procedures are in the RAD Series Administrator s Guide 1 Remove the test_user from the default users file if you plan to keep this file in your configuration 2 Change the Server Manager user name a...

Page 22: ...RAD Series 7 1 Getting Started Guide Interlink Networks Inc Page 18 Where possible store hashed passwords in user profiles ...

Page 23: ...y selected servers where you don t want to run the command 4 In the Workspace frame click the command to perform Start starts server operation after it s been stopped You ll see a green GO icon next to the server name in the Status frame to indicate it s online Stop stops server operation You ll see a red STOP icon next to the server name in the Status frame to indicate it s offline Restart let s ...

Page 24: ...o purchase the appropriate license for your needs If you ve configured functions or users during evaluation that are not supported by the license you purchase they will be disabled during production use Contact sales interlinknetworks com for more information about the different licensing options Ordering a License When you re ready to purchase a licensed version of the RAD Series software contact...

Page 25: ...port at no additional charge To extend technical support beyond the 30 day warranty period you can purchase a Software Maintenance Plan Send an e mail to sales interlinknetworks com If you can t find the solution to your problem in our documentation or on the web site and you re covered by a maintenance plan or the 30 day warranty you can E mail support interlinknetworks com Phone 734 821 1222 Mon...

Reviews: