Getting Started with CiscoSecure UNIX Server Software

Package Contents

The CiscoSecure UNIX Server package includes the following items:

• One disk labeled CiscoSecure UNIX Server
  

• CiscoSecure UNIX Server User Guide
  

• Release notes
  

• License card
  

See the publication "Cisco Information Packet" that shipped with CiscoSecure UNIX Server for detailed information about technical support.

System Requirements

CiscoSecure UNIX Server has the following hardware and software requirements.

Hardware Requirements

CiscoSecure UNIX Server software requires the following hardware:

• A Sun SPARCstation or compatible workstation
  

• 24-MB RAM
  

• At least 200 MB of free disk space
  

• A floppy disk drive
  

The memory and disk space requirements listed are minimum amounts and should be incremented by approximately 1 MB per 5,000 users. Swap space should be twice the size of RAM. Using these figures, an AA database for 200,000 users would require 64 MB of RAM and 128 MB of swap space. Free disk space should be increased if large amounts of accounting data are to be stored and kept online.

Software Requirements

The CiscoSecure UNIX Server software conforms to the TACACS+ protocol as defined by Cisco Systems and supported in Cisco Internetwork Operating System (Cisco IOS) Release 10.3 and later versions. CiscoSecure UNIX Server software Version 1.0 requires Solaris SunOS 4.1.3 or 4.1.4.

Installing CiscoSecure UNIX Server Software

CiscoSecure UNIX Server software Version 1.0 includes the binary image, "CiscoSecure." You can install this program anywhere within the file system. However, for best results, install the CiscoSecure binary image in the directory /usr/etc. In order to perform its function, the CiscoSecure UNIX Server software must be run with superuser privileges.

Take the following steps to install CiscoSecure UNIX Server software:

Step 1 Become superuser.

Step 2 Select a directory into which to install the CiscoSecure software. Normally, this would be a system directory such as /usr/etc/ciscosecure or /usr/local/etc/ciscosecure. Create this directory if it does not already exist and make it your current directory. For example:

% su

Password:

# mkdir /usr/local/etc/ciscosecure

# cd /usr/local/etc/ciscosecure

Step 3 Extract the distribution into the selected directory. The installation disks contain a compressed tar file:

# bar xvZf /dev/rfd0

Step 4 Edit the /etc/services file to include a definition for the TACACS+ protocol port number, if this is not already present. An example protocol port number definition is as follows:

tacacs 49 /tcp TACACS+

If this entry is not present, the built-in default of TCP/IP port 49 will be used.

Step 5 Enter the hostid command to obtain the hostid of the system host.

# hostid

55412315

Step 6 Fill out the license card with the hostID of the primary and backup CiscoSecure server systems and fax it to the number on the card. Your license will be returned within two business days. (For details, refer to the section "Licensing" section in the chapter "Using CiscoSecure UNIX Server Software.")

Step 7 Edit /usr/local/etc/ciscosecure/samples/control.file and replace the license key at the beginning of the file with the license key returned to you when you have completed Step 6.

Step 8 Add CiscoSecure to the /etc/rc.local startup file if it is to be restarted automatically on system reboot.

When installation is complete, the CiscoSecure UNIX Server control file and AA database must be properly configured before starting the server. (See the chapters "Configuring CiscoSecure UNIX Server Software," and "The AA Database.")

Copyright 1988-1996 © Cisco Systems Inc.