Краткое содержание страницы № 1
Cisco NAC Guest Server Installation and
Configuration Guide
Release 1.1.0
March 2008
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
Text Part Number: OL-15986-01
Краткое содержание страницы № 2
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE
Краткое содержание страницы № 3
CONTENTS About This Guide ix CHAPTER 1 Welcome to Cisco NAC Guest Server 1-1 Introduction 1-1 Guest Access Concepts 1-1 Before You Start 1-2 Package Contents 1-2 Rack Mounting 1-3 Cisco NAC Guest Server Licensing 1-3 Upgrading Firmware 1-3 Additional Information 1-4 CHAPTER 2 Installing Cisco NAC Guest Server 2-1 Connecting the Cisco NAC Guest Server 2-1 Command Line Configuration 2-3 Configure IP Address and Default Gateway 2-3 Change Ro
Краткое содержание страницы № 4
Contents Edit Existing Admin Account 3-11 Delete Existing Admin Account 3-13 CHAPTER 4 Configuring Sponsor Authentication 4-1 Configuring Local Sponsor Authentication 4-1 Add New Local User Account 4-1 Edit Existing User Account 4-3 Delete Existing User Account 4-4 Configuring Active Directory (AD) Authentication 4-5 Add Active Directory Domain Controller 4-6 Edit Existing Domain Controller 4-7 Delete Existing Domain Controller Entry 4-9 Configuring
Краткое содержание страницы № 5
Contents CHAPTER 7 Integrating with Cisco NAC Appliance 7-1 Adding Clean Access Manager Entries 7-1 Editing Clean Access Manager Entries 7-3 Deleting Clean Access Manager Entries 7-4 Configuring the CAM for Reporting 7-4 Adding a RADIUS Accounting Server 7-5 Configure the CAM to Format RADIUS Accounting Data 7-6 CHAPTER 8 Configuring RADIUS Clients 8-1 Overview 8-1 Adding RADIUS Clients 8-2 Editing RADIUS Clients 8-3 Deleting RADIUS Clients 8-4 C
Краткое содержание страницы № 6
Contents CHAPTER 12 Replication and High Availability 12-1 Setting up replication 12-1 Configuring Provisioning 12-3 Replication Status 12-4 Recovering from Failures 12-4 Network Connectivity 12-4 Device Failure 12-5 Deployment Considerations 12-5 Connectivity 12-5 Load Balancing 12-6 Web Interface 12-6 RADIUS Interface 12-6 12-7 CHAPTER 13 Logging and Troubleshooting 13-1 System Logging 13-1 Log Files 13-2 Downloading the log fi
Краткое содержание страницы № 7
Contents Printing/Email/SMS Multiple Accounts 15-9 Viewing Multiple Account Groups 15-10 Viewing Multiple Account Groups 15-10 Finding Multiple Account Groups by username 15-11 Finding Multiple Account Groups on the Active Accounts Report. 15-11 Editing Guest Accounts 15-12 Suspending Guest Accounts 15-12 Viewing Active Accounts and Resending Details 15-13 Reporting on Guest Users 15-13 APPENDIX A Open Source License Acknowledgements A-1 Notices A-1
Краткое содержание страницы № 8
Contents Cisco NAC Guest Server Installation and Configuration Guide viii OL-15986-01
Краткое содержание страницы № 9
About This Guide March 5, 2008, OL-15986-01 This preface includes the following sections: • Audience Purpose Document Conventions Product Documentation Obtaining Documentation and Submitting a Service Request Audience This guide is for network administrators who are implementing Cisco NAC Guest Server to provision guest access on their networks. Cisco NAC Guest Server works alongside Cisco NAC Appliance, Cisco Unified Wireless Networks and other Cisco Network Enforcement devices
Краткое содержание страницы № 10
About This Guide Item Convention Indicates web admin console modules, menus, tabs, links and Boldface font submenu links. Indicates a menu item to be selected. Administration > User Pages Product Documentation Table 1 lists documents are available for Cisco NAC Guest Server on Cisco.com at the following URL: http://www.cisco.com/en/US/products/ps6128/tsd_products_support_series_home.html Tip To access external URLs referenced in this document, right-click the link in Adobe Acrobat and selec
Краткое содержание страницы № 11
CH A P T E R 1 Welcome to Cisco NAC Guest Server Introduction The Cisco NAC Guest Server is a complete provisioning and reporting system that provides temporary network access for guests, visitors, contractors, consultants or customers. The Guest Server works alongside Cisco NAC Appliance or Cisco Wireless LAN Controller which provide the captive portal and enforcement point for guest access. Cisco NAC Guest Server allows any user with privileges to easily create temporary guest accounts an
Краткое содержание страницы № 12
Chapter 1 Welcome to Cisco NAC Guest Server Before You Start Sponsor The Sponsor is the person who creates the guest user account. This person is often an employee of the organization that provides the network access. Sponsors can be specific individuals with certain job roles, or can be any employee who can authenticate against a corporate directory such as Microsoft Active Directory (AD). Network Enforcement Device These devices are the network infrastructure components that provide
Краткое содержание страницы № 13
Important Safety Information Cisco NAC Appliance Getting Started Guide Cisco Information Packet Chapter 1 Welcome to Cisco NAC Guest Server Before You Start Figure 1-1 Shipping Box Contents DB-9 serial null modem cable RJ-45 cable (straight-through) Documentation AC power cord Cisco NAC Guest Server Rack mounting kit Note Because product software is preloaded onto the Cisco NAC Guest Server appliance, the shipping contents do not include a separate software installation CD. Rack Mounting
Краткое содержание страницы № 14
Chapter 1 Welcome to Cisco NAC Guest Server Before You Start Additional Information For late-breaking or additional details for this release, refer to the Release Notes for Cisco NAC Guest Server, Release 1.0.0. For the latest online updates to this guide, visit http://www.cisco.com/en/US/products/ps6128/products_installation_and_configuration_guides_list.ht ml See Product Documentation for a list of related documentation for Cisco NAC Guest Server. For details on how to obtain technic
Краткое содержание страницы № 15
CH A P T E R 2 Installing Cisco NAC Guest Server This chapter contains the following sections: Connecting the Cisco NAC Guest Server Command Line Configuration Re-Imaging the Appliance Connecting the Cisco NAC Guest Server The Cisco NAC Guest Server is based on the Cisco NAC Appliance 3310 (NAC-3310) hardware platform and comes preloaded with a default system image. When you receive the Guest Server, perform the initial configuration described in Command Line Configuration, page 2-3
Краткое содержание страницы № 16
Chapter 2 Installing Cisco NAC Guest Server Connecting the Cisco NAC Guest Server Figure 2-1 Cisco NAC Guest Server Front Panel 4 6 1 2 3 5 7 8 9 8 1 Hard disk drive (HDD) bay 6 HDD activity LED indicator (green) CD-ROM/DVD drive Power button with LED indicator (bicolor: 2 7 green/amber) UID (Unit identification) button with LED Thumbscrews for the front bezel 3 indicator (blue) 8 4 System health LED indicator (amber) 9 Front USB ports Activity/link status LED indicators for NIC 1 5 (e
Краткое содержание страницы № 17
Chapter 2 Installing Cisco NAC Guest Server Command Line Configuration Note The three LAN ports each have their own LED indicators for activity/link status and network speed. Command Line Configuration A very minimal amount of command line configuration is needed on the Cisco NAC Guest Server appliance. This is to perform two tasks. Configure IP Address and Default Gateway, page 2-3 so that the appliance can be accessed on the network Change Root Password, page 2-5 on the applianc
Краткое содержание страницы № 18
Chapter 2 Installing Cisco NAC Guest Server Command Line Configuration Figure 2-4 Choose eth0 Interface Step 3 Select the eth0 interface from the list using the up and down arrow keys and press . Step 4 You can now enter all the correct network settings for the appliance (Figure 2-5). Figure 2-5 Change Network Configuration Details Enter the following information: Static IP—The IP Address that you want to assign to the Cisco NAC Guest Server Netmask—The corresponding subnet m
Краткое содержание страницы № 19
Chapter 2 Installing Cisco NAC Guest Server Command Line Configuration Figure 2-6 Quit the Utility Step 6 At the command line either reboot the appliance by typing reboot and pressing or follow the instructions to Change Root Password, page 2-5 before entering reboot. Change Root Password Note You should change the root password from the default of cisco, it is advised to use a complex password for enhanced security. Step 1 From the command line enter the command passwd and pres
Краткое содержание страницы № 20
Chapter 2 Installing Cisco NAC Guest Server Re-Imaging the Appliance Re-Imaging the Appliance When the Cisco NAC Guest Server is shipped, the system image already preloaded on the unit, so imaging is unnecessary. If you need to re-image the appliance to factory defaults, you can download the system image ISO from Cisco Secure Software Downloads on Cisco.Com and burn this ISO file to a blank CD-ROM.Once you have the system image on a bootable CD, you can perform the following steps to