Steel-Belted Radius Carrier 7.2.x Installaion Guide > Installation and Basic Configuration of a SBR Carrier Stand-Alone Server > Basic SBR Carrier Configuration

Basic SBR Carrier Configuration

Running SBR Administrator

To test whether the server can be accessed by a management workstation, install and run SBR Administrator.

1. Open a browser connection to the Steel-Belted Radius Carrier server.

• To address the server, on the local host, enter http://localhost:1812/ (The port assignment of 1812 is the application's default TCP port for administration connections).
• To administer a Steel-Belted Radius Carrier server running on a remote host, enter http://server:port/

where server is the DNS name or IPv4/IPv6 address of the server, and port is the TCP port on which the server is listening for administration connections — usually 1812, the default.

For example:
http://192.168.24.15:1812/

2. Click Launch.

Applet Deploy started is displayed in the status bar at the bottom of the window.

An SBR Administrator window and a Login dialog window open.

3. Enter your administrator username, root, and the root password.

4. Click Login.

SBR Administrator establishes an HTTPS connection with the local or remote server. If it cannot establish a connection in 10 seconds, SBR Administrator times out and displays an error message.

NOTE: If a timeout occurs, verify that the Steel-Belted Radius Carrier daemon is running on the target server and that it is listening on the administration port you entered in the URL; that the port is not blocked.

SBR Administrator verifies that the username you entered exists in the access.ini file. If the username is found, SBR Administrator validates the password you entered against a local or remote password database.

When you connect to a server, the Status panel lists various features of the running server, such as version, platform on which it is running, IP address, available authentication methods, license information, and any initialization errors that might have occurred.

Configuring the Server

After you have installed the Steel-Belted Radius Carrier software on the server, have added the appropriate licenses, and can work with SBR Administrator, you can begin configuring the software. The specific steps you must perform depend on your network's authentication and accounting needs.

The basic steps for configuring the Steel-Belted Radius Carrier environment include:

1. Configure each of your RADIUS client devices to communicate with your Steel-Belted Radius Carrier server. To do this, you must log in to each device and run its configuration interface.
2. Use SBR Administrator's RADIUS Clients panel to configure the server to communicate with each RADIUS client. Details are in Chapter 4, Administering RADIUS Clients and Client Groups of the Steel-Belted Radius Carrier 7.2 Administration and Configuration Guide.
3. If the clients use RADIUS Location Groups or IP Address Pools, each of those entities must exist before the clients are configured. See Chapter 5, Administering RADIUS Location Groups and Chapter 10, Administering Address Pools of Steel-Belted Radius Carrier 7.2 Administration and Configuration Guide for instructions on setting these up.
4. Use the Users panel to identify the users or groups of users who are permitted to access the RADIUS clients.

Specify user attributes by selecting them in the Users panel or by creating user profiles in the Profiles dialog.

For more information, see the Steel-Belted Radius Carrier 7.2 Administration and Configuration Guide.

Configuring SNMP

Steel-Belted Radius Carrier runs its own SNMP agent, but other SNMP agents run on most servers. In general, only one application can use a socket port; they are not shared resources.

During installation, the configure script prompts you for SNMP setup information, including an opportunity to specify a port other than the default 161 port that is usually in use by the Solaris SNMP agent.

• If you already provided an alternate port during that setup step, you can skip the following procedure about how to change the port number, but remember to set your MIB browser to listen on the port you specified.
• If you know that other agents already use port 161 but you did not specify an alternate during installation, change the Steel-Belted Radius Carrier port assignment by editing both radiusdir/snmp/conf/jnprsnmpd.conf and radiusdir/snmp/bin/testagent.sh. Remember to check your MIB browser to determine whether it also needs adjustment to communicate with the SBR Carrier server.

To change the port, edit the SBR Carrier SNMP configuration files listed in Table 20:

Table 20: SNMP Configuration Files

Filename	Function
jnprsnmpd.conf	Stores settings for the Steel-Belted Radius Carrier SNMP agent.
testagent.sh	Test script that verifies the Steel-Belted Radius Carrier SNMP agent is operating correctly.

1. Edit radiusdir/snmp/conf/jnprsnmpd.conf to change the port number.

The jnprsnmpd.conf file is self-documenting, and you can also reference Chapter 14, SNMP Configuration Overview in the Steel-Belted Radius Carrier 7.2 Reference Guide.

CAUTION: The jnprsnmpd.conf file is very sensitive to stray white space and the order in which sections and parameters appear. Mistakes in this file can disable SNMP. Make sure to make a backup copy of the file before making any changes. While editing the file, do not to make any unnecessary changes. Follow the embedded examples as closely as possible. When specifying networks, as in 172.28.68.0/24 in the com2sec mynetwork 172.28.68.0/24 public line, the trailing 32-x bits of the IP address must be zero as specified by the trailing /x notation. For example, 32-24=8 bits in this case.

2. Make the same port number change in radiusdir/snmp/bin/testagent.sh script, which is used to test the agent.
3. After making the change, restart either the Steel-Belted Radius Carrier server process or just its SNMP daemon.

Execute:
/etc/init.d/init.jnprsnmpd start

4. If necessary, set up your SNMP browser to listen on the new port.
5. To verify that the jnprsnmpd SNMP agent functions, run the radiusdir/snmp/bin/testagent.sh script. 
   

   NOTE: Refer to the Steel-Belted Radius Carrier 7.2 Administration and Configuration Guide for more information about configuring the SBR SNMP agent.