|
This chapter describes how to install and configure the VLAN Policy Server. It contains the following sections:
Table 3-1 provides a high-level overview of the installation process.
This section provides instructions for installing the VLAN Policy Server in a rack. The rack must be properly secured to the floor, to the ceiling or upper wall, and where applicable, to adjacent racks. The rack should be secured using floor and wall fasteners and bracing specified or approved by the rack manufacturer or by industry standards. Refer to the rack manufacturer's installation documentation for warnings and precautionary information before attempting to install the VLAN Policy Server.
Before installing the VLAN Policy Server in a rack, read the "Preparing Your Site for Installation" section to familiarize yourself with the proper site and environmental conditions. Failure to read and follow these guidelines could lead to an unsuccessful installation and possible damage to the system and components. Perform the steps below when installing and servicing the VLAN Policy Server:
Warning Before working on a system that has an on/off switch, turn OFF the power and unplug the power cord. |
See "Preparing for Installation," for additional safety information regarding installing the VLAN Policy Server.
To install the VLAN Policy Server in a rack, perform the following steps:
Step 2 Attach the rack-mount brackets to the rackBecause not all holes in a rack are equidistant, it is possible to misalign the brackets. To avoid this problem, make sure that the three holes of the brackets line up exactly with the holes in the rack. Screws are not provided. See Figure 3-2.
Step 3 Put the chassis into the rackSlide the chassis-support brackets (attached to the chassis in step 1) into the rack-mount brackets (attached to the rack in step 2). See Figure 3-3.
Step 4 Fasten the chassis in the rackFasten the flanges of the chassis to the rack. When you are done, the chassis should not slide on the channel bar.
Caution The rack-mount kit is not intended for use as a slide rail system. You must complete installation of the front-mount bracket assembly by securely fastening the chassis into the rack. |
Warning Never defeat the ground conductor or operate the equipment in the absence of a suitably installed ground conductor. Contact the appropriate electrical inspection authority or an electrician if you are uncertain that suitable grounding is available. |
Warning Before working on equipment that is connected to power lines, remove jewelry (including rings, necklaces, and watches). Metal objects will heat up when connected to power and ground and can cause serious burns or weld the metal object to the terminals. |
Connect the AC power receptacle to the AC power source with the provided power cable.
Use unshielded twisted pair (UTP) copper wire Ethernet cable, with standard RJ-45 compatible plugs, to connect the VLAN Policy Server to the network.
Step 2 Connect a console to the console port (the front serial port). To connect the console to the terminal port:
a. Attach a DB-9 to RJ-45 adapter (provided) to the serial port on the console.
b. Attach a DB-9 to RJ-45 adapter (provided) to the console port on the VLAN Policy Server.
c. Connect the console to the VLAN Policy Server using an RJ-45 cable (provided).
Warning Do not work on the system or connect or disconnect cables during periods of lightning activity. |
To turn the VLAN Policy Server power on, press the power switch. To turn power off, press and hold the power switch for at least four seconds. There is a power switch on both the bezel and the front panel.
The system begins booting and sends messages to the console window. When the logon prompt appears, you can configure the system.
Configure the VLAN Policy Server when you boot the system for the first time, and whenever you manually erase the configuration using the erase config command (for more information, refer to the "erase config" section).
Press the Backspace key or the Delete key to delete characters when entering a response to a prompt. You cannot edit a response after you press the Enter key. To change an entered response you must exit the setup program and enter your response again.
You can exit the setup program in one of the following two ways:
The logon prompt appears. Log on as the user setup to run the setup program.
The setup program exits without saving the configuration, then restarts.
To configure the VLAN Policy Server, perform the following steps:
When the system finishes booting, a logon prompt appears on the console.
Step 2 At the logon prompt, enter setup.
When you boot the system for the first time, it is not configured. Logging on as setup allows you to configure the system.
Step 3 Enter responses to the first set of prompts to configure VLAN Policy Server connectivity. Table 3-2 describes how to respond to the prompts.
Table 3-2 General Configuration
Prompt | Response Description | Sample Response |
---|---|---|
Sets the password for the default user admin. Characters you type do not appear on screen. Note Default user admin is reserved and cannot be deleted or changed. |
||
IP address of default router that connects VLAN Policy Server to network. |
||
IP address of DNS server that VLAN Policy Server uses for name/address resolution. The setup program does not validate the IP address you enter. If you are not using a DNS server, see the "Configuring the VLAN Policy Server Without a DNS Server" section for instructions before proceeding. |
||
Step 4 Answer the next set of prompts to configure discovery. Table 3-3 describes how to respond to the prompts. Entering the default at each prompt will cause the VLAN Policy Server to discover the entire network. Answers to these prompts are not required; you can initiate discovery at a later time using the web interface. To skip this part of the configuration, enter no at the first prompt.
For more information on discovery, including instructions on initiating discovery and adding seed devices, see the VLAN Policy Server online help by selecting Help > Performing Administrative Tasks > Discovery: Overview in the VLAN Policy Server web interface.
Table 3-3 Discovery Configuration
Step 5 Answer the next set of prompts to create a self-signed certificate. This certificate will allow you to access the VLAN Policy Server securely, using HTTPS, until you obtain a certificate from a certificate authority (CA). Table 3-4 describes how to respond to the prompts. After you finish responding to the prompts, the VLAN Policy Server will reboot.
Table 3-4 Self-Signed Certificate Creation
Prompt | Response Description | Sample Response |
---|---|---|
Enter the section of the company that is using the VLAN Policy Server. |
||
If you want to change the information in the configuration, use the following CLI commands:
To change the hostname, use the hostname command (see hostname).
To change the domain name, use the ip domain-name command (see ip domain-name).
If you want to change any other part of the VLAN Policy Server configuration, use the erase config command to erase the previous configuration (see erase config), and run the setup program again.
The VLAN Policy Server resolves hostnames by using a Domain Name System (DNS) server, or by using the import CLI command. If you are using a DNS server, register the system in DNS on a DNS server. Use the VLAN Policy Server hostname as its DNS name. If you plan to use the import command, refer to the "import" section.
The VLAN Policy Server does not require name resolution, but if it is not used, the following problems are among those that will occur:
If you are not using a DNS server, perform the same steps described in the "Configuring the VLAN Policy Server" section, substituting Step 1 and Step 2 in the procedure with the following:
Step 2 After you finish configuring the VLAN Policy Server, erase the IP address you entered by entering the following CLI command:
where ip-address is the IP address you entered at the DNS server ip address: prompt. For more information, see the "ip name-server" section.
While at the console, verify that the VLAN Policy Server is correctly configured by performing the following steps:
If you cannot log on, refer to the "Cannot Log On to the System" section for troubleshooting information.
Step 2 Enter the following command to verify that the system can communicate with the network:
where ip-address is the IP address of a host that is accessible on the network. A DNS server is an excellent host to ping because it should always be running and accessible. For information about the ping command, refer to the "ping" section.
If the system cannot communicate with the network, refer to the "VLAN Policy Server Cannot Connect to the Network" section for troubleshooting information.
Step 3 If you are using a DNS server, enter the following command to verify that the VLAN Policy Server can obtain DNS services from the network:
where dns-name is the DNS name of a host that is registered in DNS. If the browser cannot obtain the IP address of the host from DNS, make sure that the hostname has been configured in the DNS server. Then enter the ip name-server command to specify that DNS server for address resolution. Refer to the "ip name-server" section for instructions.
Step 4 Enter the command show config to verify that the configuration is as you expected. Refer to the "show config" section for information about this command.
Step 5 Enter the show clock command to verify that the system time and date are correct in Coordinated Universal Time (UTC). If the time or date is incorrect, set the correct time and date. If your network uses Network Time Protocol (NTP), configure the system to use NTP. The NTP server will set the date and time.
For more information about configuring time and date, refer to the "Setting System Date and Time" section.
Step 6 Enter the exit command to log off of the system.
Before you connect to the VLAN Policy Server via its web interface, make sure your browser is properly configured.
To configure Netscape Navigator, perform the following steps:
Step 2 Enable JavaScript:
Step 3 Configure Netscape to Navigator accept all cookies:
Step 4 Change the default font to a sans serif font for improved readability:
a. Select Edit > Preferences > Appearance > Fonts.
b. In the Variable Width Font and Fixed Width Font selection areas, select a sans-serif font (for example, Arial) and a font size.
The text in the browser window is redrawn using the new fonts.
To configure Internet Explorer, perform the following steps:
a. Internet Explorer 5.5 with Service Pack 2
b. Japanese Microsoft Internet Explorer 5.5 with Service Pack 1, on Japanese Windows 2000 or Japanese Windows NT.
Step 2 Enable JavaScript:
a. Select Tools>Internet Options>Security.
b. Make sure that the Internet icon is selected, and click Custom Level.
c. Select Enable active scripting, Allow paste operations via script, and Scripting of Java applets.
Step 3 Configure your browser to accept all cookies:
a. Select Tools>Internet Options>Security.
b. Make sure that the Internet icon is selected, and click Custom Level.
c. Scroll to Cookies. Select enable for both "Allow cookies that are stored on your computer," and "Allow per-session cookies (not stored)."
Step 4 Change the default font to sans serif for improved readability:
a. Select Tools>Internet Options. A dialog box appears.
b. Click the General tab, and select Fonts. A second dialog box appears.
c. From the Web page font and Plain text font lists, select a sans-serif font (for example, Arial).
The text in the browser window is redrawn using the new fonts.
To verify HTTP and HTTPS connectivity, connect to the VLAN Policy Server using a Web browser and perform the following steps:
For example, if the system IP address is 209.165.202.128, enter:
If a logon dialog box appears, you have connectivity. If you cannot connect to the VLAN Policy Server, see the "Cannot Connect to the VLAN Policy Server Using a Web Browser" section.
Step 2 To verify HTTPS connectivity, enter the system IP address in a web browser, prefixed by https. No port number is needed.
For example, if the system IP address is 209.165.202.128, enter:
If a logon dialog box appears, you have connectivity. If you cannot connect to the VLAN Policy Server, see the "Cannot Connect to the VLAN Policy Server Using a Web Browser" section.
Posted: Wed May 21 10:29:22 PDT 2003
All contents are Copyright © 1992--2003 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.