|
|
This chapter describes the VLAN Policy Server's major system administration tasks. It contains:
You can connect to the VLAN Policy Server system in the following ways:
If you are connected to the VLAN Policy Server through the web, enter a valid username and password in the logon screen to log on, and click the Logout button to log off. If you are connected to the VLAN Policy Server through the command-line interface (CLI), enter a valid username and password at the logon prompt to log on, and enter the exit command to log off.
The VLAN Policy Server provides a web interface for performing administrative tasks.
 |
Note For detailed information on performing administrative tasks, see the online help that is provided with the web interface. |
To log on to the VLAN Policy Server using a web browser:
Step 2 Enter the system IP address in the web browser, followed by :1741 (the default port number).
For example, if the system IP address is 209.165.202.128, enter:
Step 3 Enter the username.
Step 4 Enter the password.
Step 5 Click Login.
The VLAN Policy Server web interface opens.
The VLAN Policy Server allows you to create users with tiered access. For more information on creating and administering user accounts, refer to the VLAN Policy Server online help. To access this information in the online help, perform the following steps:
Step 2 Click Help in the upper-right corner of the screen. The Help screen appears.
Step 3 Select Tiered Access>Managing User Account Profiles.
The VLAN Policy Server should be backed up at regular intervals. Before attempting to back up or restore your VLAN Policy Server, make sure the username and password are valid on the target system, the target directory exists and has the proper permissions for the username and password, and the system allows FTP. Backing up the VLAN Policy Server will preserve all domains, roles, users, and discovery configuration information.
To back up your VLAN Policy Server, perform the following steps:
Step 2 Select Administration>Software>BackUp/Restore.
Step 3 If you have not yet configured the backup location, do so by clicking the Configure button and entering the required information.
Step 4 Click the Backup button.
To restore your VLAN Policy Server, perform the following steps:
Step 2 Select Administration>Software>Backup/Restore.
Step 3 Click the Restore button.
Step 4 From the drop-down list, select the image you want to restore, and click Continue.
Step 5 A window appears, displaying the image you will be restoring. If the information is correct, click OK.
You can also back up and restore your VLAN Policy Server by using the following CLI commands:
The VLAN Policy Server can be shut down using either the Web interface or the CLI. Rebooting the system starts the management services installed on the system, even if they were stopped prior to the reboot.
To restart the VLAN Policy Server using the web interface, select Administration>Restart. Click Yes in the dialog box that appears. The VLAN Policy Server will restart.
To shut down the VLAN Policy Server using the CLI, enter the shutdown command before powering off the VLAN Policy Server. If you power off the VLAN Policy Server without entering this command, you might disable the system.
To reboot the system using the CLI, enter the reload command. The logon prompt appears when the reboot is complete.
To erase the system configuration and reboot the system using the CLI, enter the erase config command. After the system reboots, you must reconfigure the system using the setup program, as described in the "Configuring the VLAN Policy Server" section.
For more information about these commands, refer to:
The VLAN Policy Server uses Universal Coordinated Time (UTC) for keeping the time and date. The VLAN Policy Server uses client local time to display the time and date when connected through the Web interface. It uses UTC to display the time and date when connected through Telnet or a console, or when viewing log files.
You can set and maintain the system date and time using either of two methods:
To display the system time, enter the show clock command. For more information, see the "show clock" section.
NTP is the recommended method for configuring time and date on the system. If your network uses NTP to set the date and time on devices, enter the following command in the CLI to designate an NTP server for the system to use to set the system clock:
where ip-address is the IP address of an NTP server.
For more information, refer to the "ntp server" section.
If you disable NTP, set the system clock to UTC manually as described in the "Setting Date and Time Manually" section. If you do not set the system clock manually after disabling NTP, the system clock might be inaccurate when the system is rebooted.
If your network does not use NTP to set the system time on devices and the time is not set correctly, set the date and time to UTC manually by entering the following command in the CLI:
where hh:mm:ss is the current time (for example, 13:32:00), month is the current month (for example, January, February), day is the day of the month (for example, 31), and year is the current year (for example, 2001).
For more information, refer to the "clock" section.
The VLAN Policy Server uses 10/100 Mbps Ethernet connectors. The Ethernet 0 interface is configured when the VLAN Policy Server is configured. To enable or change an additional interface configuration, enter the interface command in the CLI. For instructions about using the interface command, refer to the "interface" section.
Any VLAN Policy Server Ethernet port can be individually configured to allow connections through the following protocols:
To enable CDP on an individual Ethernet port, use the cdp command. For more information, see the "cdp" section. To disable any of the other protocols listed above on an individual Ethernet port, use the firewall command. For more information about the firewall command, including a detailed example of its use, see the "firewall" section.
The VLAN Policy Server allows you to administer all management services simultaneously. All commands that affect management services affect all of them simultaneously; the logs that collect services information collect information about all of them.
You can stop and restart the management services if the system is not responding correctly to a management application. This should cause the services to reset and function properly again. Management services are restarted automatically when you reboot.
To stop management services, enter the following command in the CLI:
To start management services, enter the following command in the CLI:
To view management services status, enter the following command in the CLI:
For more information about the services command, refer to the "services" section.
To view system information, use the show commands, such as show clock and show process. For more information on the show commands, see "Command Reference."
The VLAN Policy Server has an operating system image and a default system configuration (hereafter collectively called the maintenance image) stored in Flash memory. You can use the maintenance image to boot the system when you need to perform some system administration tasks and disaster recovery.
You can run only the following commands while the system is running from the maintenance image: reload, erase config, and fsck.
For information about these commands, refer to the "Maintenance Image Commands" section.
While the maintenance image is running, you can do the following tasks, which you cannot do when the system is booted from the disk:
As a security measure, you can boot from the maintenance image only while connected to the system console.
Step 2 Reboot the system by doing one of the following:
Step 3 When the LILO boot: prompt appears, press the Tab key.
Step 4 When the boot: prompt appears, enter CiscoBreR.
Step 5 After you complete all necessary tasks, reboot the system by entering the reload command, and allow the system to boot from the disk.
If you cannot log on to the system because you cannot remember the administrator account names or passwords, you can recover by booting from the maintenance image, erasing the existing configuration from Flash memory, and reconfiguring the system using the setup program.
To recover from the loss of all administrator passwords:
Step 2 Enter the erase config command to erase the system configuration. The system reboots.
Step 3 Allow the system to boot from disk.
Step 4 Configure the system from the setup program, as described in the "Configuring the VLAN Policy Server" section.
Step 5 After the system reboots, reconfigure the VLAN Policy Server by following the steps outlined in the "Installing the VLAN Policy Server" section.
This section describes tasks you should perform when installing a replacement
VLAN Policy Server (a new unit intended to replace an existing unit), to make the transition as easy as possible. These tasks are in addition to the installation and configuration processes described in "Installing and Configuring the VLAN Policy Server."
Before removing the old VLAN Policy Server:
Step 2 Record the old VLAN Policy Server configuration settings, so you can configure the new VLAN Policy Server using these settings.
Step 3 Back up the old VLAN Policy Server. See the "Backing Up and Restoring Your VLAN Policy Server" section for details.
Step 4 Enter the shutdown command.
To install the replacement VLAN Policy Server:
a. Install the VLAN Policy Server (see the "Installing the VLAN Policy Server" section).
b. Connect to a power source (see the "Connecting Cables" section).
c. Connect the cables (see the"Connecting Cables" section).
d. Power on the VLAN Policy Server (see the "Powering On the VLAN Policy Server" section).
Step 2 Run the setup program (see the "Configuring the VLAN Policy Server" section).
Step 3 Use the configuration settings that you recorded from the old system to respond to the setup program prompts.
Step 4 Restore the information saved when you backed up the old system. For more information, see the "Backing Up and Restoring Your VLAN Policy Server" section.
A recovery CD is included with your VLAN Policy Server. With this CD, you can reimage the VLAN Policy Server, or you can boot from the Rescue image.
|
Note Although every effort has been made to validate the accuracy of the software version on the recovery CD, after you reimage your VLAN Policy Server, you must review the related software downloads on http://www.cisco.com for any software updates. |
Use the VLAN Policy Server Recovery CD to reimage the VLAN Policy Server, should it become necessary. Doing so destroys all data and installs a new image.
To reimage your VLAN Policy Server:
Step 2 Log on as user administrator, and enter the password created when the VLAN Policy Server was configured.
Step 3 Put the User Registration Tool VPS Recovery CD (version 2.5 Cisco 1102 VLAN Policy Server) in the VLAN Policy Server CD-ROM. For the location of the CD-ROM, see the "Front Panel Features" section.
Step 4 Enter the reload command. The VLAN Policy Server reboots. For more information on the reload command, see the "reload" section.
Step 5 At the Do you wish to continue (yes/[no]/rescue): prompt, enter yes. If you do not want to reimage your VLAN Policy Server, enter rescue. For more information about the rescue image, see the "Using the Rescue Image" section.
Step 6 When the VLAN Policy Server ejects the recovery CD, remove it.
Step 7 At the Do you wish to reload and start the install?(yes/[no]): prompt, enter yes. The VLAN Policy Server reboots, and reimaging is completed.
The rescue image is similar to the maintenance image, but is accessible through the recovery CD. You can use the rescue image to boot the system to perform some system administration tasks and disaster recovery. You can run only the following commands while the system is running from the rescue image: reload, erase config, and fsck.
For more information about how you can use the rescue image, see the related information about the maintenance image in the "Using the Maintenance Image" section.
To boot from the rescue image, perform the following steps:
Step 2 Log on as the user administrator, using the user administrator password created when the VLAN Policy Server was configured.
Step 3 Put the User Registration Tool VPS Recovery CD (version 2.5 Cisco 1102 VLAN Policy Server) in the VLAN Policy Server CD-ROM. For the location of the CD-ROM, see the "Front Panel Features" section.
Step 4 Enter the reload command. The VLAN Policy Server reboots. For more information on the reload command, see the "reload" section.
Step 5 At the Do you wish to continue (yes/[no]/rescue): prompt, enter rescue. The VLAN Policy Server boots from the rescue image.
Posted: Tue Jan 27 23:45:08 PST 2004
All contents are Copyright © 1992--2004 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.