Running the Steel-Belted Radius Carrier configure Script
- Navigate to the directory where you installed the Steel-Belted Radius Carrier package in Extract the Steel-Belted Radius Carrier installation package.. In that example, the directory is /opt/JNPRsbr.
- Execute the
configurescript to install the Steel-Belted Radius Carrier server software: - Review the Steel-Belted Radius Carrier license agreement.
# cd /opt/JNPRsbr/radius/install/
#./configure
Press the spacebar to move from one page to the next. When you are prompted to accept the terms of the license agreement, enter y.
Do you accept the terms in the license agreement? [n] y
- Enter a license key for your Steel-Belted Radius Carrier software.
You can enter a license string or use a one-time 30 day trial license.
Would you like to enter a license string? [n]
Installed a 30 day evaluation license.
- If you purchased Steel-Belted Radius Carrier, type y and press Enter. When prompted to do so, enter your license key and press Enter. (Your license key is available online in your juniper.net account area.) The
configurescript creates a license file that contains the key on the server. - If you do not have a license key, type
nand press Enter. The Steel-Belted Radius Carrier software is installed as a 30-day evaluation package that provides the product's full feature set with a maximum of 50,000 sessions.
5.4, 6.0, 6.1
The system prompts for the type of installation, either a new installation or a migration from a SIM Server 5.4 or 6.x SBR server:
Please enter backup or radius directory from which to migrate.
Enter n for new configuration, s to search, or q to quit
[/opt/JNPRsbr/5_4backup]:
- For a new installation, enter n.
- If you are migrating an existing Steel-Belted Radius Carrier installation and have copied a previous release's files to the Release 7.0 server (in Backing Up SIM Server 5.4 or 6.x Release Files), enter the directory path to the copy of the old installation.
- If you are migrating an existing Steel-Belted Radius Carrier installation and have copied a previous release's files to the Release 7.0 server (in Backing Up SIM Server 5.4 or 6.x Release Files), but you need to search for the directory that contains the Steel-Belted Radius Carrier files, enter s.
 |
NOTE: Steel-Belted Radius Carrier Release 7.0 supports importing a previous version's configuration files only from SIM Server 5.4 and SBR 6.0 and 6.1. If you select this option, remember that some files require manual editing and updating after installation. This is discussed in Migrating Files from Earlier Releases. |
- For most installations, do not remove older versions of Steel-Belted Radius Carrier.
WARNING: Now is the best time to remove any pre-existing versions of the software, as doing so later may destroy certain shared OS resources, such as /etc/init.d scripts in particular, that are about to be configured. Obsolete patches may also be removed.
Manually remove pre-existing software now? [y]:
Only answer y if a working installation already exists on the server proper — a copy of an installation or one on a different server that is an NFS mount can be ignored. If you respond with y, the script terminates so you can back up and remove the previous version.
If you do need to remove an existing installation, refer to that release's documentation for instructions.
The account information you enter is the default login account for the SBR Administrator. You must use this account name the first time you log into the SBR Administrator.
Enter initial admin user (account must have an associated password) [root]:
|
CAUTION: Make sure the login account you specify has a password. If you specify a user without a password as the administrator, you will not be able to log into the SBR Administrator. |
- Specify whether you want to set up the Steel-Belted Radius Carrier server as a primary server (p), a replica server (r), or a standalone RADIUS server (sa).
Configure SBR server as primary (p), replica (r), or standalone (sa) [sa]:
5.4, 6.0, 6.1
 |
NOTE: If you are migrating from a previous release, you may only select a server type that matches the old existing server. |
- If you enter
p, to designate a primary server, you are prompted to enter the replication secret used to authenticate communications between the primary server and replica servers. Enter and confirm the replication secret and press Enter to continue.
If appropriate, enter y when you are asked whether you are migrating a primary server. Doing so tells the installer to preserve the server's replication realm information.
- If you enter
r, to designate a replica server, you are prompted to specify how the replica server can locate the replica.ccmpkg configuration package containing your Steel-Belted Radius Carrier replication settings.
- If the replication package is present on your computer or network, you are prompted to specify the path to the replica.ccmpkg file.
- If you want to specify the primary server (from which the replica server can copy its replication package automatically), enter the name, IP address, and replication secret of the primary server.
Enter y if you are prompted to indicate asked whether you are migrating a replica server. Doing so causes the installer to preserve the replica server's replication settings.
- If you enter sa, to designate a standalone RADIUS server, you do not enter any replication information.
LDAP
- Specify whether you want to configure Steel-Belted Radius Carrier to use an external LDAP data service.
- If you do not want to configure Steel-Belted Radius Carrier to use an external LDAP data service, press Enter.
- If you want to configure Steel-Belted Radius Carrier for use with an external LDAP data service, type
yand press Enter. You are prompted to enter the path for the LDAP library files:
Do you want to configure LDAP? [n]: y
Enter path for LDAP library files [/usr/lib]:
To accept the default path (/usr/lib), press Enter.
Oracle
|
NOTE: If the server has already been set up with an Oracle client (in Setting Up External Database Connectivity), answer |
Configuring for use with generic database
Do you want to configure for use with Oracle? [n]:
- To accept the default no, press Enter.
- If you will use Oracle, type
yand press Enter. You are prompted for the Oracle version and path information to the Oracle library files.
Configuring for use with Oracle.
Supported Oracle version: 9, 10
What version of Oracle will be used? [9] 10
Configuring for use with Oracle 10
Setting the environment variable ORACLE_HOME.
Enter ORACLE_HOME []: /opt/10g/app/oracle/product/10.2.0.3
Setting the environment variable LD_LIBRARY PATH.
Enter path for Oracle shared libraries [/opt/10g/app/oracle/product/10.2.0.3/lib32]:
Setting the environment variable TNS_ADMIN.
Enter TNS_ADMIN [/opt/10g/app/oracle/product/10.2.0.3/network/admin]:
- Specify whether you want the Steel-Belted Radius Carrier server to communicate with an SS7 system.
Do you want to configure for use with SS7? [n]: y
Configuring for use with SS7
Setting the environment variable OMNI_HOME
Enter OMNI_HOME []: /opt/ulcm
SNMP
- Specify whether you want the Steel-Belted Radius Carrier server to be an SNMP agent.
Do you want to configure SNMP? [n]:
- If no, press Enter to proceed to the next prompt.
- If yes, type
Yand press Enter. The installer prompts you for the information it needs to configure the jnprsnmpd.conf and startsnmp.sh files.
- Provide the community string.
- When you are prompted for a range of IPv4 addresses, specify a starting IP address in Classless Inter-Domain Routing (CIDR) format.
Choose a community string: public
- To specify that only one host may query the agent, enter the IP address of the host followed by /32.
- To specify that any host on a designated class C network may query the agent, enter the starting address of the network followed by /24.
Specify the range of IPv4 addresses that may query this agent, such as 1.2.3.0/24.
Address range: 192.168.70.0/24
- If you are using SNMPv2, enter the DNS name or IP address of the trap sink to receive trap information from the SNMP agent on the Steel-Belted Radius Carrier server.
SNMPv2 trap sink: 192.168.70.86
Configuration of SNMP complete.
RSA
- Specify whether you want to register your Steel-Belted Radius Carrier server as an Agent Host with RSA Authentication Manager.
- Specify whether you want to configure the Steel-Belted Radius Carrier server to autoboot (restart automatically when the operating system is restarted).
Do you want to register SBR with an RSA server (requires RSA Auth Manager 6.1 or later)? [n]:
|
NOTE: When you register your Steel-Belted Radius Carrier master or replica server as an Agent Host with an RSA SecurID server, it registers itself as an RSA replica. This is normal behavior. |
Enable (e), disable (d), or preserve (p) RADIUS autoboot [e]: e
Steel-Belted Radius Carrier stores its autoboot settings in the local \radiusdir\radius\sbrd file.
- If you enter e (enable), the configure script copies the settings in the sbrd file to the /etc/init.d boot script and deletes an existing Steel-Belted Radius Carrier autoboot settings.
- If you enter d (disable), the configure script does not copy the settings in the sbrd file to the /etc/init.d boot script and deletes old Steel-Belted Radius Carrier autoboot settings, disabling autobooting for all versions of Steel-Belted Radius Carrier.
- If you enter p (preserve), the configure script does not copy the settings in the sbrd file to the /etc/init.d boot script or delete old Steel-Belted Radius Carrier autoboot settings, thereby leaving your previous autoboot settings unchanged.
When you finish entering settings, the script configures Steel-Belted Radius Carrier with the settings you specified and then displays:
The SBR Administrator can be launched using the following URL:
http://<servername>:1812
Configuration complete