SESM安装记录

joiner

又是去年的陳芝麻爛谷，SESM安裝記錄。
这个记录主要是说明SESM安装为RADIUS模式需要安装哪些模块，安装时配置哪些内容。
当然，安装好后也可以在相应的配置文档中修改。
详细全套官方SESM3.20文档见这里：
[color="#000000"]CISCO CNS SUBSCRIBER EDGE SERVICES MANAGER 3.2

# ./sesm_sol.bin -console
InstallShield Wizard
...................................
...................................
...................................
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Welcome to the InstallShield Wizard for Cisco [color="#ff0000"]SESM 3.2(2)
The InstallShield Wizard will install Cisco [color="#ff0000"]SESM 3.2(2) on your computer.
To continue, choose Next.
Cisco Subscriber Edge Services Manager
Cisco Systems Inc.
[color="#000000"]http://www.cisco.com/
Build: 3.2(2)
Java Home (bundled JRE): /_jvm
Java Version: 1.4.2
Press 1 for Next, 3 to Cancel or 4 to Redisplay [1]
-------------------------------------------------------------------------------
Select one of the evaluation options or the licensed option. A license number
is required for deploying [color="#ff0000"]SESM in a production environment. An evaluation
version requires no license number, has no expiry date and includes the same
functionality as a licensed product.
Is this an evaluation copy for RADIUS mode (y/n) [n] y
Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1]
-------------------------------------------------------------------------------
Please select the type of installation that you require.
[ ] 1 - Typical
The program will be installed with the suggested configuration.
Recommended for most users.
[X] 2 - Custom
The program will be installed with the features you choose. This is the
only option that allows installation of the Captive Portal application.
[ ] 3 - Demo
Install only those components necessary to run in Demo Mode and set the
default configuration to be Demo Mode.
To select an item enter its number, or 0 when you are finished: [0]
Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1]
-------------------------------------------------------------------------------
Select the features for "Cisco [color="#ff0000"]SESM 3.2(2)" you would like to install:
Cisco [color="#ff0000"]SESM 3.2(2)
To select/deselect a feature or to view its children, type its number:
1. [x] Web Applications
2. [x] RDP
3. [x] SPE
4. [x] CDAT Services and Subscriber Management
5. [x] Application Management
6. [x] Jetty
7. [ ] Captive Portal
8. [x] Tools
9. [ ] Web Services Gateway
Other options:
0. Continue installing
Enter command [0] 2
Select the features for "Cisco [color="#ff0000"]SESM 3.2(2)" you would like to install:
Cisco [color="#ff0000"]SESM 3.2(2)
To select/deselect a feature or to view its children, type its number:
1. [x] Web Applications
2. [ ] RDP
3. [x] SPE
4. [x] CDAT Services and Subscriber Management
5. [x] Application Management
6. [x] Jetty
7. [ ] Captive Portal
8. [x] Tools
9. [ ] Web Services Gateway
Other options:
0. Continue installing
Enter command [0] 3
Select the features for "Cisco [color="#ff0000"]SESM 3.2(2)" you would like to install:
Cisco [color="#ff0000"]SESM 3.2(2)
To select/deselect a feature or to view its children, type its number:
1. [x] Web Applications
2. [ ] RDP
3. [ ] SPE
4. [x] CDAT Services and Subscriber Management
5. [x] Application Management
6. [x] Jetty
7. [ ] Captive Portal
8. [x] Tools
9. [ ] Web Services Gateway
Other options:
0. Continue installing
Enter command [0] 4
Select the features for "Cisco [color="#ff0000"]SESM 3.2(2)" you would like to install:
Cisco [color="#ff0000"]SESM 3.2(2)
To select/deselect a feature or to view its children, type its number:
1. [x] Web Applications
2. [ ] RDP
3. [ ] SPE
4. [ ] CDAT Services and Subscriber Management
5. [x] Application Management
6. [x] Jetty
7. [ ] Captive Portal
8. [x] Tools
9. [ ] Web Services Gateway
Other options:
0. Continue installing
Enter command [0] 7
Select the features for "Cisco [color="#ff0000"]SESM 3.2(2)" you would like to install:
Cisco [color="#ff0000"]SESM 3.2(2)
To select/deselect a feature or to view its children, type its number:
1. [x] Web Applications
2. [ ] RDP
3. [ ] SPE
4. [ ] CDAT Services and Subscriber Management
5. [x] Application Management
6. [x] Jetty
7. [x] Captive Portal
8. [x] Tools
9. [ ] Web Services Gateway
Other options:
0. Continue installing
Enter command [0] 8
Select the features for "Cisco [color="#ff0000"]SESM 3.2(2)" you would like to install:
Cisco [color="#ff0000"]SESM 3.2(2)
To select/deselect a feature or to view its children, type its number:
1. [x] Web Applications
2. [ ] RDP
3. [ ] SPE
4. [ ] CDAT Services and Subscriber Management
5. [x] Application Management
6. [x] Jetty
7. [x] Captive Portal
8. [ ] Tools
9. [ ] Web Services Gateway
Other options:
0. Continue installing
Enter command [0]
Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1]
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Configuration and Deployment
This should be the IP address or hostname of the host on which the application
will run. Do not use localhost.
Web Application Host [sesm-webserver] 192.168.3.10
This should be the port number on which the web server will listen.
Web Application Port Number [8080]
Configure [color="#ff0000"]SESM for use with SSG. This option should be selected for RADIUS
mode.
SSG Deployment Option [True]
Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1]
-------------------------------------------------------------------------------
Enter details about the SSG
The port number on which the SSG listens for Radius requests
Port Number [1812]
The shared secret needed to communicate with the SSG
Shared Secret [cisco]
Indicates the number of bits used for the port bundle/host key mechanism. A
value of zero indicates that the SSG does not use the port bundle/host key
mechanism, in which case the next panel will ask you for further details about
one SSG. Further SSGs can be configured manually following this installation by
editing .../'web app name'/config/'web app'.xml.
Port Bundle Size [0] 4
Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1]
-------------------------------------------------------------------------------
AAA Server Details
This should be set to the IP address or host name of the primary AAA server
Primary IP [sesm-webserver] 192.168.4.10
This should be set to the port number of the primary AAA server
Primary Port [1812]
This should be set to the IP address or host name of the secondary AAA server.
If there is only one AAA server this should be set to the same value as the
primary IP.
Secondary IP [sesm-webserver] 192.168.4.10
This should be set to the port number of the secondary AAA server. If there is
only one AAA server this should have the same value as the Primary Port.
Secondary Port [1812]
This should be set to the shared secret. This has to be the same on both
servers.
Shared Secret [cisco]
Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1]
-------------------------------------------------------------------------------
Please enter the service and group passwords
This should be set to the password needed to access service attributes using
Radius
Service Password [servicecisco]
This should be set to the password needed to access service group attributes
using Radius
Service Group Password [groupcisco]
Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1]
-------------------------------------------------------------------------------
Captive Portal Server Configuration
This should be the IP address or hostname of this server.
Captive Portal Host [sesm-webserver] 192.168.3.10
This is the number of the first port on which the captive portal web server
will listen. There will be several listeners for the different types of
redirection.
Captive Portal Port Number [8090]
The message portal server provides welcome or advertising pages. A message
portal is required for initial or advertising captivation.
Install Message Portal [True]
Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1]
-------------------------------------------------------------------------------
Message Portal Server Configuration
This should be the port number on which the message portal web server will
listen.
Message Portal Port Number [8085]
If this is checked, then the subscriber is redirected to the originally
requested URL after having been presented the message page.
Redirect After Message Page [True]
Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1]
-------------------------------------------------------------------------------
The Main Web Server Configuration.
This should be the hostname or address of the server for a [color="#ff0000"]SESM web application
such as NWSP. This is required in conjunction with the captive portal
application to provide the content pages after the redirection for
unauthenticated users, unconnected services and error handling.
Host [192.168.3.10]
This should be the port number of the server for the [color="#ff0000"]SESM web application such
as NWSP.
Port [8080]
Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1]
-------------------------------------------------------------------------------
Unauthenticated User Redirection
Unauthenticated user redirection redirects the subscriber to the login page of
the [color="#ff0000"]SESM web application such as NWSP.
Enable User Redirection [True]
Requests on this port are redirected to the URL for the unauthenticated user
redirect.
Port In [8090]
Hostname used in URL for the user redirect. This is typically that of the
server for the [color="#ff0000"]SESM web application such as NWSP.
URL Out: Host [192.168.3.10]
Port used in URL for the user redirect. This is typically that of the server
for the [color="#ff0000"]SESM web application such as NWSP.
URL Out: Port [8080]
URI used in URL for the user redirect. This is typically relevant to the SESM
web application such as NWSP.
URL Out: URI [/home]
Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1]
-------------------------------------------------------------------------------
Initial Captivation
The initial captivation feature provides a welcome message page to the user.
Enable Initial Captivation [True]
Requests on this port are redirected to the URL for initial captivation.
Port In [8091]
Hostname used in URL for initial captivation. This is typically that of the
message portal.
URL Out: Host [192.168.3.10]
Port used in URL for initial captivation. This is typically that of the message
portal.
URL Out: Port [8085]
URI used in URL for initial captivation. This is typically relevant to the
message portal.
URL Out: URI [/initial]
The duration in seconds that the welcome message should be displayed.
Duration [15] 10
Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1]
-------------------------------------------------------------------------------
Advertising Captivation
Advertising captivation provides an advertisement page to the user at regular
intervals.
Enable Advertising Captivation [True]
Requests on this port are redirected to the URL for advertising captivation.
Port In [8092]
Hostname used in URL for advertising captivation. This is typically that of the
message portal.
URL Out: Host [192.168.3.10]
Port used in URL for advertising captivation. This is typically that of the
message portal.
URL Out: Port [8085]
URI used in URL for advertising captivation. This is typically relevant to the
message portal.
URL Out: URI [/advertising]
The duration in seconds that the advertisement should be displayed.
Duration [10]
Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1]
-------------------------------------------------------------------------------
Unconnected Service Redirection
Unconnected service redirection takes a subscriber to eg NWSP if they attempt
getting to an as yet unconnected service.
Enable Service Redirect [True]
Requests on this port are for the default service redirect. This happens when
an attempt to connect to a service whose address does not belong to the
destination network of any of the specific service redirects.
Default Service Redirect Port In [8093]
Requests on this port are for a specific service redirect. If there is no such
service redirect set up at the PoE, then the presence of this listener is not a
problem. Complete configuration flexibility is available if required.
First Service Redirect Port In [8094]
Requests on this port are for a specific service redirect.
Second Service Redirect Port In [8095]
Requests on this port are for a specific service redirect.
Third Service Redirect In [8096]
This URL is used for all service redirects. Individual URLs can be assigned for
specific service redirects in the configuration files, if necessary. The host &
port in this URL are typically those for NWSP.
URL Out [http://192.168.3.10:8080/serviceRedirect]
Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1]
-------------------------------------------------------------------------------
Details for Unconnected Service Redirection
If this is checked, then specific service names as given below are passed to eg
NWSP. This assumes that only one service is associated with each service
redirection. This service name is used by NWSP to attempt to connect to the
service. Having this box not checked is equivalent to having empty fields
below. In this case NWSP will instead display a general information page, such
as the status page.
Pass Service Names [True]
When the request is redirected to eg NWSP, this service name will be passed as
well.
First Service Redirect Service Name [service1] internet
When the request is redirected to eg NWSP, this service name is passed as well.
Second Service Redirect Service Name [service2]
When the request is redirected to eg NWSP, this service name is passed as well.
Third Service Redirect Service Name [service3]
Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1]
-------------------------------------------------------------------------------
Application Management Web Server Configuration
This should be the port number on which the Application Management web server
will listen
Application Management Port Number [8082]
Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1]
-------------------------------------------------------------------------------
Cisco [color="#ff0000"]SESM 3.2(2) will be installed in the following location:
C:Program Filesciscosesm_3.2.2
with the following features:
Web Applications
Application Management
Jetty
Captive Portal
Tools
for a total size:
98.3 MB
Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1]
***************************************************************
Merit 3.6B配置：
/usr/local/merit/raddb/lients的配置：
# RCSID: $Id: clients,v 1.1.1.1 1998/05/12 19:37:11 web Exp $
# Next entries for SESM
221.11.128.250 cisco type=RAD_RFC+ACCT_RFC
# Next entries Cisco NAS SSG (7401)
221.11.129.38 cisco type=Cisco:NAS
/usr/local/merit/raddb/users的配置：
###### SSG user profiles
cisco Password = "cisco"
Account-Info = "Ninternet"
#****************************************#
test Password = "test"
Account-Info = "Ninternet",
Account-Info = "Hhttp://www.netease.com"
###### SSG service profiles
# SSG Internet Service profile.
internet Password = "servicecisco", Service-Type = Outbound
Service-Info = "Iinternet",
Service-Info = "R0.0.0.0;0.0.0.0",
Service-Info = "MC",
Service-Info = "TP"
********************************************************

本文来自ChinaUnix博客，如果查看原文请点：http://blog.chinaunix.net/u/5101/showart_37681.html