|
|
This preface contains information about the CiscoSecure Global Roaming Server User Guide, including document organization and conventions, as well as package contents and audience definition, new features available in this release, and where to find more information.
The CiscoSecure Global Roaming Server (GRS) package includes the following items:
This publication is intended for network administrators of large regional service providers (RSPs) who are using CiscoSecure GRS and who are responsible for setting up and maintaining accounts and network security.
| Chapter Title | Topics Covered |
|---|---|
Identification of package contents and new features of Release 1.3, as well as audience, organization, and conventions of this book. | |
An overview of CiscoSecure GRS and its features, network diagrams, and system requirements. | |
How to install CiscoSecure GRS files on your hard disk and how to start CiscoSecure GRS. | |
How to configure CiscoSecure GRS using the graphical user interface (GUI), which is an HTML interface. | |
Using the CiscoSecure GRS Command-Line Interface Options and Utilities | How to configure CiscoSecure GRS using the command-line interface (CLI) and instructions for using CiscoSecure GRS utilities. |
An introduction to Virtual Private Dial-Up Networking (VPDN), including stripping and tunneling, with instructions for enabling VPDN on your network access server (NAS). | |
How to identify and solve any problems you might have with the CiscoSecure GRS. | |
How to stop CiscoSecure GRS and how to uninstall the CiscoSecure GRS software. | |
A list of system messages, an explanation of their meanings, and recommended actions to solve any problems. | |
An example grs.ini file and an explanation of its line items. | |
How to prepare the NAS for use with CiscoSecure GRS. | |
How to change from a flatfile data store to an Oracle database and vice versa. | |
How to duplicate and distribute a flatfile or database among several CiscoSecure GRS hosts. | |
How to configure CiscoSecure GRS to authenticate login services such as Telnet and Rlogin. |
| Convention | Description |
|---|---|
boldface font | Commands and keywords. |
italic font | Command input that is supplied by you. |
[ ] | Keywords or arguments that appear within square brackets are optional. |
{ x | x | x } | A choice of keywords (represented by x) appears in braces separated by vertical bars. You must select one. |
^ or Ctrl | Represent the key labeled Control. For example, when you read ^d or Ctrl-d, you should hold down the Control key while you press the d key. |
| Examples of information displayed on the screen. |
boldface screen font | Examples of information you must enter. |
< > | Nonprinting characters, such as passwords, appear in angled brackets. |
[ ] | Default responses to system prompts appear in square brackets. |
Note | Means reader take note. Notes contain helpful suggestions or references to additional information and material. |
| This symbol means the described action saves time. You can save time by performing the action described in the paragraph. |
| This symbol means reader be careful. In this situation, you might do something that could result in equipment damage or loss of data. |
Several powerful new features have been added to CiscoSecure GRS with Release 1.3:
Each new feature is briefly described in the following paragraphs.
After receiving an authorization packet from an ACS, CiscoSecure GRS can add, modify, or filter an authorization attribute before the authorization is sent to the NAS. The filtering of attributes can be based on domain and dialed number identification service (DNIS). Furthermore, all Cisco and vendor-specific attributes for Remote Access Dial-In User Service (RADIUS) 11.3(2) or higher are supported. Also, some Internet Engineering Task Force (IETF) attributes, and non-vendor-specific Ascend attributes are supported.
When performing same-vendor RADIUS-to-RADIUS proxy, CiscoSecure GRS can now pass-through authorization Attribute 26, an attribute specific to your organization. The attribute can also be filtered, based on a specific domain and DNIS.
CiscoSecure GRS can now authenticate users for login services such as Telnet and Rlogin. For example, when a roaming user has used a NAS to establish a network connection, that user can run an MS-DOS window and log in to any remote UNIX or non-UNIX system in which that user has an account.
If your NAS supports DNIS, a user can be proxied through the number dialed (DNIS), therefore, the user does not have to change his or her username when roaming. This is done by assigning one or more DNIS numbers to a specific domain.
CiscoSecure GRS uses either a flatfile or Oracle database for storing its configuration settings. The data store can now be replicated and updated among one or more CiscoSecure GRS hosts.
Solaris OS V2.5.1 or V2.6. can be used for running CiscoSecure GRS. Using V2.6 makes CiscoSecure GRS Year 2000 compliant.
The previous versions of CiscoSecure GRS (Release 1.1 and Release 1.2) can be upgraded to Release 1.3.
The DNIS attribute is now available as a Terminal Access Controller Access Control System (TACACS+)/RADIUS translation, and can be used for VPDN or non-VPDN transactions.
A restart button has been added to the toolbar. The restart button can be used to manually restart CiscoSecure GRS.
You will need the documentation for your ACS and NAS. You might also want to consult Cisco Systems' Internetworking Terms and Acronyms publication.
You should also read any Readme.txt file and any release notes for additional important information. After you install CiscoSecure GRS, if there is a Readme.txt file, it will be located in the following directory:
/pathname/doc
pathname is the directory you select during the installation process.
Your CiscoSecure GRS package also includes a quick start card to help you quickly install and configure it.
Cisco documentation and additional literature are available in a CD-ROM package, which ships with your product. The Documentation CD-ROM, a member of the Cisco Connection Family, is updated monthly. Therefore, it might be more current than printed documentation. To order additional copies of the Documentation CD-ROM, contact your local sales representative or call customer service. The CD-ROM package is available as a single package or as an annual subscription. You can also access Cisco documentation on the World Wide Web at http://www.cisco.com, http://www-china.cisco.com, or
http://www-europe.cisco.com.
If you are reading Cisco product documentation on the World Wide Web, you can submit comments electronically. Click Feedback in the toolbar and select Documentation. After you complete the form, click Submit to send it to Cisco. We appreciate your comments.
Posted: Wed Feb 24 12:14:44 PST 1999
Copyright 1989-1999©Cisco Systems Inc.
Timesaver
Caution