1. No category

PDF - This Chapter (663.0 KB)

CH A P T E R
2
Installing Cisco IPICS
This chapter describes the procedures that you need to follow to install the
Cisco IPICS operating system and the Cisco IPICS server software.
This chapter includes the following sections:
•
Before You Begin, page 2-1
•
Installing the Cisco IPICS Operating System, page 2-6
•
Installing the Cisco IPICS Server Software, page 2-16
•
Restarting or Shutting Down the Server, page 2-25
•
Preparing to Use Cisco IPICS, page 2-27
Before You Begin
This section describes the activities that you must follow to prepare for the
Cisco IPICS operating system and server installations and includes the following
topics:
•
Obtaining the IP Addresses for Your Cisco IPICS System, page 2-2
•
Preinstallation Checklist, page 2-3
Cisco IPICS Server Installation and Upgrade Guide
OL-12985-01
2-1
Chapter 2
Installing Cisco IPICS
Before You Begin
Obtaining the IP Addresses for Your Cisco IPICS System
To facilitate communications between your users, your Cisco IPICS system
requires a pool of IP addresses that can be reached by all users in your network
domain.
The Cisco IPICS server requires a static, local IP address that is advertised on the
network. Cisco IPICS end points, such as the PMC or Cisco Unified IP Phone,
must have the static address of the Cisco IPICS server to maintain
communications.
Because Cisco IPICS converts analog push-to-talk (PTT) radio traffic to IP traffic,
each radio channel gets mapped to an IP multicast address. Similarly, in
hoot’n’holler systems, each talk group gets mapped to an IP multicast address.
Users on IP-connected devices, such as the PMC, can participate in these channels
by connecting via a multicast IP address or by using a unicast remote connection
through the Session Initiation Protocol (SIP).
Cisco IPICS requires a multicast address for each of the following activities:
•
Creating a PTT channel
•
Creating a talk group in a hoot’n’holler system
•
Activating a virtual talk group (VTG)
•
Connecting a dial user into a channel or VTG
For ease of allocating IP addresses, it is helpful to obtain a subnet of IP addresses
from which you can configure the devices that are part of that subnet.
Cisco IPICS also requires an IP address for the loopback interface for the router
media service (RMS). A loopback interface consists of two T1/E1 interfaces on
the RMS that are connected by a short cable called a loopback cable. A loopback
interface is used for voice signaling and media for any SIP-based connections
with Cisco IPICS.
Note
Cisco recommends that you specifically configure the Loopback0 interface when
there is more than one IP path to the RMS. However, you may configure an
interface other than Loopback0 if specific criteria are met. For details about this
criteria, refer to the “Configuring the Cisco IPICS RMS Component” appendix in
the Cisco IPICS Server Administration Guide, Release 2.1(1).
Cisco IPICS Server Installation and Upgrade Guide
2-2
OL-12985-01
Chapter 2
Installing Cisco IPICS
Before You Begin
Consult your network administrator to obtain IP addresses for the Cisco IPICS
system, channels, VTGs, and the RMS.
For information about configuring and using IP addresses with Cisco IPICS, and
for more information about the RMS, refer to the “Configuring the Cisco IPICS
RMS Component” appendix in the Cisco IPICS Server Administration Guide,
Release 2.1(1).
Preinstallation Checklist
Before you begin the installation, make sure that you perform the following tasks:
Preinstallation Tasks
Checkoff
Check that you have both CDs from the Cisco IPICS installation
package.
Check that the power cords on your server and monitor are securely
attached and plugged in to a power source.
Attach an Ethernet network cable to the Ethernet 0 (eth0) port on
your server.
Note
You must connect your network cable to the eth0 interface on
your server. Generally, for servers that label their Ethernet
interfaces as NIC 1 and NIC 2, connect the Ethernet cable to
the NIC 1 interface; this interface is usually the eth0
interface. For servers that label their Ethernet interfaces as 1
and 2, consult the product documentation that you received
with your server to determine how the server labels its
interfaces. In all cases, it is a good practice to verify the
location of the eth0 interface on your specific server before
you proceed.
Make sure that you have at least 160 GB of hard disk space available
in your Cisco IPICS server.
Cisco strongly recommends that you attach an uninterruptible power
supply (UPS) to your system and ensure that the UPS is operating
correctly.
Cisco IPICS Server Installation and Upgrade Guide
OL-12985-01
2-3
Chapter 2
Installing Cisco IPICS
Before You Begin
Preinstallation Tasks (continued)
Checkoff
Check that your monitor cable connector is appropriate for the
connector on the server. Video Graphics Array (VGA) analog and
VGA digital are common connector types but are not compatible
with each other without the proper adapter.
Before you begin the installation process, check the power settings
on your monitor to make sure that the display is not configured with
any timeout values.
Note
If your display times out while you are performing the
installation and you can no longer see the progress on your
monitor, move your mouse to restore the display. Make sure
that you do not press any keys on the keyboard in an effort to
restore your display. Pressing keys without being able to
view the information that displays on your monitor can cause
undesirable results.
Ensure that you have obtained the IP address, subnet mask, default
gateway, and DNS server (optional) information for the Cisco IPICS
server from your network administrator.
Check that you have obtained the Media Access Control (MAC)
address for the eth0 interface of the Cisco IPICS server. Cisco IPICS
uses the MAC address of the server to validate the Cisco IPICS
license. For information about how to obtain the MAC address, see
Step 30 in the “Installing the Cisco IPICS Operating System
Software” section on page 2-7.
Note
In a system with multiple network interface cards (NICs),
Cisco IPICS always uses the eth0 MAC address to validate
the license, even if eth0 is disabled.
Cisco IPICS Server Installation and Upgrade Guide
2-4
OL-12985-01
Chapter 2
Installing Cisco IPICS
Before You Begin
Preinstallation Tasks (continued)
Checkoff
If your network uses the Network Time Protocol (NTP), obtain the
IP address or DNS name of the NTP server.
Note
You can configure NTP when you install the Cisco IPICS
operating system software, or you can configure NTP after
you install the Cisco IPICS software by using the ntpsetup
command. For information about the ntpsetup command,
refer to the “Configuring NTP on the Cisco IPICS Server
with the ntpsetup Tool” section in the “Using the
Cisco IPICS CLI Tools and Service Commands” chapter in
the Cisco IPICS Troubleshooting Guide, Release 2.1(1).
You can install a third party certificate to replace the Cisco IPICS
self-signed certificate. For more information about installing third
party certificates, see the “Installing Third Party Certificates On the
Cisco IPICS Server” section on page 2-40. A third-party certificate
is not required for use with Cisco IPICS.
To ensure the functionality of Cisco IPICS, you should also perform the following
tasks either before or after you install Cisco IPICS:
Tasks
Checkoff
Ensure that you have obtained multicast IP addresses for channels
and VTGs. (If you do not have access to this information, contact
your system administrator.)
Check to make sure that the T1/E1 interfaces on the RMS are
connected via a loopback cable. This cable is a short-length
crossover cable with the following pinouts: 1-4, 2-5, 4-1, 5-2. One
end of the cable is attached to each of the RJ-45 connectors on the
T1/E1 interfaces for the RMS device. The connected interfaces are
used for voice signaling and media for any SIP-based connections
with Cisco IPICS. If you do not have a crossover cable, contact your
authorized Cisco support representative for assistance to obtain one.
Ensure that you have obtained an address for the RMS interfaces that
are connected by a loopback cable. (If you do not have access to this
information, contact your system administrator.)
Cisco IPICS Server Installation and Upgrade Guide
OL-12985-01
2-5
Chapter 2
Installing Cisco IPICS
Installing the Cisco IPICS Operating System
If you use the Cisco IPICS dial engine, which controls dial-in and dial-out
functionality, ensure that you complete the following tasks before you use the dial
engine:
Tasks
Checkoff
Ensure that you have the IP address, SIP listening port, and preferred
transport type of your SIP provider. Support for SIP-based dial
functionality is provided via Cisco Unified Communications
Manager or a Cisco router that runs a supported version of Cisco IOS
and Cisco Unified Communications Manager Express as the SIP
provider. The policy engine requires that a SIP provider be
configured in the customer network.
For information about configuring a SIP provider, refer to the
Cisco IPICS Server Administration Guide, Release 2.1(1).
If your SIP provider is Cisco Unified Communications Manager,
determine the authentication credentials that Cisco IPICS uses when
it initiates a call into Cisco Unified Communications Manager.
Authentication is not required with Cisco Unified Communications
Manager Express.
Be sure that your SIP provider uses a supported version of
Cisco Unified Communications Manager, Cisco IOS, and/or
Cisco Unified Communications Manager Express. Refer to the
Cisco IPICS Compatibility Matrix for the most updated list of
supported hardware and software for use with Cisco IPICS.
Determine how your Cisco IPICS system fits into the dial plan of
your SIP provider. For example, determine the range of directory
numbers (DNs) that must be routed from the SIP provider to the
Cisco IPICS system.
Installing the Cisco IPICS Operating System
This section describes the steps that you need to follow to install the Cisco IPICS
operating system. This section includes the following topics:
•
Installation Caveats for Cisco MCS 7825 Servers, page 2-7
•
Installing the Cisco IPICS Operating System Software, page 2-7
Cisco IPICS Server Installation and Upgrade Guide
2-6
OL-12985-01
Chapter 2
Installing Cisco IPICS
Installing the Cisco IPICS Operating System
Installation Caveats for Cisco MCS 7825 Servers
Be aware of the following caveats when you install the Cisco IPICS operating
system on Cisco MCS 7825 servers:
•
Cisco IPICS does not support a Redundant Array of Disks (RAID) on
Cisco MCS 7825 servers. If RAID is enabled on your Cisco MCS 7825
server, make sure that you disable it before you install the operating system.
•
When you install the Cisco IPICS operating system on Cisco MCS 7825-H1
and Cisco MCS 7825-H2 servers, you must disable both the Serial ATA
(SATA) controller option and the Virtual Install Disk option to disable RAID.
You do not need to take this action when you install the operating system on
Cisco MCS 7845 servers because Cisco IPICS supports RAID on these
servers.
To disable RAID, the Serial ATA controller option and the Virtual Install Disk
option, follow Step 3 in the procedure that is documented in the “Installing the
Cisco IPICS Operating System Software” section on page 2-7.
Installing the Cisco IPICS Operating System Software
To install the Cisco IPICS operating system software, perform the following
procedure.
Procedure
Step 1
Turn the server on by pushing the power button that is located on the front panel
of the server.
Step 2
Place the Cisco IPICS operating system installation CD into the server disk drive.
The system begins to boot.
If you are installing the Cisco IPICS operating system on a Cisco MCS 7825-H1
or Cisco MCS 7825-H2 server, you must disable the embedded SATA software
RAID and the Virtual Install Disk option.
Continue to Step 3 for the steps to disable these features on these model servers.
Cisco IPICS Server Installation and Upgrade Guide
OL-12985-01
2-7
Chapter 2
Installing Cisco IPICS
Installing the Cisco IPICS Operating System
Note
If you are installing Cisco IPICS on another Cisco MCS 7825 server,
consult the product documentation that you received with your server to
determine if RAID is enabled and the steps that you perform to disable it.
If you are installing the Cisco IPICS operating system on a Cisco MCS 7845
server, you do not have to disable these features and can proceed to Step 5.
Step 3
Enter the System Maintenance menu by following these steps:
a.
Listen closely to the sounds that you hear from the server and watch your
monitor as the server boots.
b.
When you hear the server beep and see the message, “Press F10 key to enter
System Maintenance Menu,” press F10.
The System Maintenance menu displays with the following choices:
– Setup Utility—This menu provides access to configuration utilities from
which you can change settings for server components, such as the
embedded SATA software RAID and the Virtual Install Disk.
– Inspect Utility—This menu provides access to statistical information
about the server and its components, such as PCI Device Info and a
System Memory Map.
– Diagnostic Utility—This menu includes utilities that you can use to
perform diagnostic tests on the server, such as a memory test or a CPU
test.
Step 4
Enter the Setup Utility by choosing Setup Utility from the System Maintenance
menu; then, press Enter.
The Setup Utility displays.
a.
From the Setup Utility menu, press the Down Arrow key to highlight
Advanced Options; then, press Enter.
The Advanced Options menu displays.
b.
Press the Down Arrow key to highlight Virtual Install Disk.
When you highlight Virtual Install Disk, the current status displays below the
menu.
Cisco IPICS Server Installation and Upgrade Guide
2-8
OL-12985-01
Chapter 2
Installing Cisco IPICS
Installing the Cisco IPICS Operating System
c.
Perform one of the following actions, depending on the status of the Virtual
Install Disk:
– If the status displays as Disabled, go to Step e.
– If the status displays as Enabled, change the Configuration Selection. To
change the selection, press Enter to open the menu; then, press the Down
Arrow key to select and highlight Disabled.
d.
Press Enter to confirm your choice.
The Virtual Install Disk setting displays as Disabled.
e.
From the Advanced Options Menu, press the Down Arrow key to select and
highlight either Embedded SATA RAID or Sata Software Raid (the
wording of the SATA RAID option differs depending on your server
hardware).
The current status displays below the menu.
f.
If the status displays as Disabled, go to Step h.
If the Embedded SATA RAID or Sata Software Raid status displays as
Enabled, press Enter to open the menu; then, press the Down Arrow key to
select and highlight Disabled.
g.
Press Enter to confirm your choice.
h.
Press Esc twice to close the menus and exit the utility.
i.
Press the F10 key to confirm that you want to exit and save your changes.
Note
If you press any other key besides F10, the system returns to the Setup
Utility Main menu. In this case, you must repeat the Setup Utility steps
that begin with Step 4.
The server begins to boot from the CD. This time, when the system beeps, let
it continue to boot from the CD.
The Cisco IPICS operating system installation displays the CD version of the
Cisco IPICS operating system and the option to overwrite the hard drive.
Step 5
To overwrite the hard drive and install the Cisco IPICS operating system files,
perform these steps:
a.
When the system prompts you to overwrite the hard drive, enter Y; then, press
Enter.
Cisco IPICS Server Installation and Upgrade Guide
OL-12985-01
2-9
Chapter 2
Installing Cisco IPICS
Installing the Cisco IPICS Operating System
Note
Do not press any keys, including the SysRq key, during the installation.
Pressing the SysRq key causes a kernel panic condition on your server,
which requires a hard reboot to fix.
The Cisco IPICS operating system Installation Progress window displays the
progress of the installation. The operating system installer formats the file
system and installs the software packages.
Note
After the package installation completes, the window may appear
unresponsive or the screen may become blank. Wait while the system
completes the background security processes.
The server ejects the installation CD and the Installation Complete window
displays.
b.
Note
c.
Note
Remove the CD from the drive.
Keep your installation CD in a safe location in the event that you need to
reinstall the operating system.
To view the technical information that relates to this release of the
Cisco IPICS operating system, click Release Notes or press Alt+R.
If your mouse begins to move erratically across your display, it may be
due to the operating system loading an incorrect driver for your mouse. If
you encounter this situation and it affects your ability to navigate with
your mouse, use the keyboard shortcuts to perform Step c through Step e.
Although the status window indicates that the installation is complete, you
must complete several more tasks before you can install the Cisco IPICS
server software. Make sure that you perform the remaining steps in this
procedure to complete the Cisco IPICS operating system configuration.
d.
To close the window for the Release Notes, click X or press Alt+C.
The Release Notes window closes.
e.
To close the window and reboot the server, click Exit or press Alt+E.
Cisco IPICS Server Installation and Upgrade Guide
2-10
OL-12985-01
Chapter 2
Installing Cisco IPICS
Installing the Cisco IPICS Operating System
The server reboots.
During the bootup process, a GRUB window displays with the Cisco IPICS
software installation highlighted.
Step 6
After the GRUB window displays, press Enter to continue with the boot process.
Alternatively, you can take no action and let the window time out.
One of the following windows displays:
Step 7
•
The system displays the window for the Kudzu hardware detection utility.
This utility detects, and allows you to configure, new hardware during the
Cisco IPICS operating system installation.
•
The system displays the Welcome window. You enter network configuration
information for Cisco IPICS in the series of windows that follow the
Welcome window.
If the Kudzu hardware detection utility window displays, press any key.
Note
Step 8
You must press a key within 3,600 seconds (one hour) or the Kudzu
window times out. If the Kudzu window times out, you must rerun the
Kudzu hardware detection utility after you complete the initial
installation process. See the “Cisco IPICS Cannot Detect the NIC During
Installation” section on page 5-2 for more information about how to rerun
the Kudzu hardware detection utility.
Perform the following steps, depending on the window that the system displays:
Note
•
The installer may display different windows depending on the hardware
platform that you use. The first time that the installer prompts you to
configure the eth0 interface, you must choose the Dynamic Host
Configuration Protocol (DHCP), as described in Step 10. This step is
required to ensure that the appropriate driver is installed. Then, you must
overwrite the DHCP configuration with a static IP address for the eth0
interface, as described in Step 19. If the installer prompts you to configure
the eth1 interface, make sure that you choose the Ignore the device
option. Cisco IPICS does not support the use of the eth1 interface.
If a window displays to indicate that the system added a NIC, continue with
Step 9 to configure the eth0 interface.
Cisco IPICS Server Installation and Upgrade Guide
OL-12985-01
2-11
Chapter 2
Installing Cisco IPICS
Installing the Cisco IPICS Operating System
Note
Step 9
You must configure the eth0 interface to enable network connectivity to
the server.
•
If a window displays to indicate that the system detected either an Intel SATA
controller or an Intel IDE controller, proceed to Step 14.
•
If the Welcome window displays, proceed to Step 15.
Press Enter to choose the Configure option from the following list of options:
•
Configure— Choose this option to configure the NIC that controls the eth0
interface. This option specifies the default.
•
Ignore the device—Choose this option if you do not have hardware that
needs to be added to the server.
•
Do nothing—Choose this option if you do not want to configure the
hardware. If you reboot the server, the hardware configuration utility detects
the hardware as being newly installed, and the server prompts you to
configure it.
The Cisco IPICS operating system configuration program displays the interface
configuration window.
Step 10
Press the Spacebar to choose Use dynamic IP/configuration (BOOTP/DHCP).
An asterisk displays in the check box area to indicate that you have chosen to use
DHCP.
Note
This step allows the Cisco IPICS operating system to detect the NIC that
controls the eth0 interface on your server and install the appropriate driver
for the interface. Cisco IPICS does not use DHCP. You must use a static
IP address to configure your Cisco IPICS server for network connectivity.
You perform the static IP configuration steps in the Network Setup
window as described in Step 19.
Step 11
Press Tab or use the left and right arrows to choose OK.
Step 12
To accept your choice, press Enter.
Step 13
If the operating system configuration program displays a second window that
indicates that the Cisco IPICS operating system detected another NIC, perform
the following actions to ignore the configuration for the eth1 interface:
Cisco IPICS Server Installation and Upgrade Guide
2-12
OL-12985-01
Chapter 2
Installing Cisco IPICS
Installing the Cisco IPICS Operating System
a. Press Tab to choose Ignore.
b. Press Enter to confirm.
Note
Make sure that you do not configure the eth1 interface. Cisco IPICS
does not support the configuration of the eth1 interface.
The Cisco IPICS operating system configuration program continues
without configuring the eth1 interface, and displays a window indicating
that it detected an Intel controller.
Step 14
If the system displays a window to indicate that it detected either an Intel SATA
controller or an Intel IDE controller, press Enter to accept the Configure option
and configure the controller.
The system automatically configures the controller.
A Cisco IPICS operating system Welcome window displays.
Step 15
At the Welcome window, click Next.
The Root Password window displays.
Step 16
Enter a password for the root user.
The root user has access to all the files in the Cisco IPICS server. Cisco IPICS
requires that you use strong passwords that contain at least eight characters and
include the following elements:
•
At least one lower case letter
•
At least one upper case letter
•
At least one number
•
At least one of the following special characters:
@[]^_`!"#$%&'()*+,-./:;{<|=}>~?
Note
If you need to change the root password at a later date, you can log in to
the Cisco IPICS server as the root user and change it by using the
reset_pw command. For more information, refer to the “Resetting,
Changing, or Creating a Password With the reset_pw Tool” section of the
“Using the Cisco IPICS CLI Tools and Service Commands” chapter in the
Cisco IPICS Troubleshooting Guide, Release 2.1(1).
Cisco IPICS Server Installation and Upgrade Guide
OL-12985-01
2-13
Chapter 2
Installing Cisco IPICS
Installing the Cisco IPICS Operating System
Step 17
Reenter the password and click Next.
The Network Setup window displays.
Cisco IPICS prompts you to enter the DNS server information.
Step 18
In the DNS Information area in the Network Setup window, enter the Primary and
Secondary DNS (if any) and the domain name of your server in the specified
fields.
Step 19
In the Ethernet Port 1 (device eth0) area, enter the host name, IP address, subnet
mask, and default gateway for your server in the specified fields.
Step 20
Click Next.
The Timezone window displays.
Step 21
Choose the correct time zone for your area from the choices in the selection list.
If your system clock uses Universal Coordinated Time (UTC), make sure that you
check the System Clock uses UTC check box.
Step 22
Click Next.
The Date and Time window displays.
Step 23
Perform one of the following actions to set the system date and time:
•
Note
If your network uses the Network Time Protocol (NTP), check the Enable
Network Time Protocol check box; then, enter the name or IP address of
your NTP server in the Server field.
If you configure NTP on the server, the system administrator should
provide instructions to the PMC users to also configure the Windows
Time Service on their PMC client machines to enable synchronization
between the PMC and the server logs. For detailed information about how
to configure the Windows Time Service, refer to the Microsoft support
site at http://support.microsoft.com/ and search for Article ID 307897.
If you install a time-bound license for your system, use caution when
enabling NTP. Adjustments to the system date can cause Cisco IPICS to
invalidate your license. For more information, see the “Managing
Time-Bound Licenses” section on page 2-37.
•
If your network does not use NTP, enter the current date and time in the
appropriate fields.
Cisco IPICS Server Installation and Upgrade Guide
2-14
OL-12985-01
Chapter 2
Installing Cisco IPICS
Installing the Cisco IPICS Operating System
Step 24
Click Next.
The Finish Setup window displays.
Step 25
Click Next.
The system processes an internal check list as it boots up. After the system has
booted up, Cisco IPICS displays the following text:
Cisco IPICS
hostname login:
where:
hostname represents the host name that you specified in Step 19.
Step 26
Enter root in the hostname login: field; then, press Enter.
Cisco IPICS prompts you for the password for the root user.
Step 27
Enter the password that you created for the root user in Step 16; then, press Enter.
Step 28
To verify network connectivity, enter the following command:
[root]# ping <destination-ip-address>
where:
<destination-ip-address> represents the default gateway address or an IP address
of another host on the network.
Step 29
Press Ctrl+C to stop the ping.
If the ping is not successful, troubleshoot the network connectivity with your
network administrator.
Step 30
Locate the hardware MAC address for the eth0 interface by following these steps:
a.
To display the MAC address of the eth0 interface, enter the following
command:
[root]# ifconfig eth0
b.
Note the HWaddr field in the command output.
The HWaddr field contains the MAC address for the eth0 interface.
c.
Make a note of the MAC address information for the eth0 interface so that you
can use it to obtain your license for Cisco IPICS.
d.
To log out of the server, enter the following command:
Cisco IPICS Server Installation and Upgrade Guide
OL-12985-01
2-15
Chapter 2
Installing Cisco IPICS
Installing the Cisco IPICS Server Software
[root]# exit
The Cisco IPICS operating system installation is now complete. You can continue
with the installation of the Cisco IPICS server software. If you do not want to
install Cisco IPICS immediately, you can resume the installation at a later time.
To install the Cisco IPICS server software, see the “Installing the Cisco IPICS
Server Software” section.
Installing the Cisco IPICS Server Software
After you have successfully installed the Cisco IPICS operating system, you can
install the Cisco IPICS server software by using one of the following methods:
•
Directly by using the installation CD at the Cisco IPICS server.
•
Remotely by copying the installer file to the server and entering remote
commands.
The Cisco IPICS server installation program uses a text-based interface and does
not provide support for a graphical user interface (GUI). This installation
procedure allows you to choose from the following install options:
Note
•
Install—This option installs the Cisco IPICS server software, including
Cisco Security Agent (CSA).
•
Upgrade—This option upgrades your server from a previous version of
Cisco IPICS. For information about performing an upgrade of the
Cisco IPICS server software, see Chapter 3, “Upgrading Cisco IPICS.”
Be aware that the options that the installer displays may differ depending on the
current software version that is running on your system.
This section includes the following topics:
•
Performing a Direct Cisco IPICS Server Software Installation, page 2-17
•
Performing a Remote Cisco IPICS Server Software Installation, page 2-21
Cisco IPICS Server Installation and Upgrade Guide
2-16
OL-12985-01
Chapter 2
Installing Cisco IPICS
Installing the Cisco IPICS Server Software
Performing a Direct Cisco IPICS Server Software Installation
If you have physical access to the Cisco IPICS server, you can install the server
software directly from the server. To do so, you must have the Cisco IPICS
installation CD that is included with your product package.
Note
Be aware that you must log in as the root user to perform the Cisco IPICS
installation. If you attempt to run the installation from any other user ID, the
installation returns an error and exits.
Tip
To terminate the installation process at any point in time, press Ctrl+C.
To install the Cisco IPICS server software directly from the server location,
perform the following procedure:
Procedure
Step 1
Enter root in the hostname login: field in the terminal console; then, press Enter.
Cisco IPICS prompts you for the password for the root user.
Step 2
Enter the password that you created for the root user in Step 16 in the “Installing
the Cisco IPICS Operating System Software” section on page 2-7; then, press
Enter.
The Cisco IPICS operating system logs you in as the root user.
Step 3
Enter the free command and read the information that displays in the total column
to check the total amount of installed memory.
The Cisco IPICS installation requires a minimum of 2 GB of memory.
The following example shows that there is a minimum of 2 GB of total memory
in the server:
[root]# free
total
used
free
shared
Mem: 2055340
881152
1174188
0
-/+ buffers/cache:
466604
1588736
Swap:
2048248
0
2048248
buffers
25520
cached
389028
Cisco IPICS Server Installation and Upgrade Guide
OL-12985-01
2-17
Chapter 2
Installing Cisco IPICS
Installing the Cisco IPICS Server Software
If your server does not have sufficient memory, contact your Cisco representative
to find out how you can purchase additional memory. Refer to the Cisco IPICS
Compatibility Matrix for specific memory requirements.
Step 4
Insert the Cisco IPICS installation CD into the CD drive of the Cisco IPICS
server.
Step 5
Mount the contents of the CD onto the server by entering the following command:
[root]# mount /mnt/cdrom
Step 6
To navigate to the CD location, enter the following command:
[root]# cd /mnt/cdrom
Step 7
To view the installer file, enter the following command:
[root]# ls -l
The directory of the CD displays.
Step 8
Locate the installer file in the directory listing.
The Cisco IPICS installer file has a .run file extension.
Step 9
To start the installation, enter the following command:
[root]# bash <installerfilename>.run
where:
<installerfilename>.run specifies the name of the installer file that you located in
Step 7.
Cisco IPICS begins the installation process.
Text displays to inform you that you must read and accept the terms of the End
User License Agreement (EULA) before you can proceed.
Step 10
Press Enter to display the EULA.
The Cisco IPICS installer displays the EULA.
Step 11
Press the Spacebar to scroll through and view the EULA. To accept the terms of
the EULA, enter y or yes to continue with the installation.
You must accept the terms of the EULA to proceed.
Cisco IPICS Server Installation and Upgrade Guide
2-18
OL-12985-01
Chapter 2
Installing Cisco IPICS
Installing the Cisco IPICS Server Software
Note
To terminate the installation while the EULA is being displayed, press
Ctrl+C. The installation terminates after the installation program
displays the entire EULA. Press q to bypass the EULA and terminate the
installation process.
The installation program prompts you to enter a password for the ipics user. The
ipics user has the capability to perform all administration-related tasks via the
Cisco IPICS Administration Console.
Step 12
Enter a password for the ipics user in the password field.
To ensure a strong password, use a password that is at least eight characters long
and contains at least one of each of the following characters:
•
One lower case letter
•
One upper case letter
•
One number
•
One of the following special characters:
@[]^_`!"#$%&'()*+,-./:;{<|=}>~?
Note
Step 13
The installation program also creates a password for the informix Linux
user by using a random algorithm. The informix user has full
administrative permission to the Informix database instance and belongs
to the ipics and informix linux groups. The ipics linux group includes
permission to Cisco IPICS application-related folders, files, and scripts.
The informix linux group includes full permission to the Cisco IPICS
database server folders, files, and scripts. The password for this user ID
never expires.
Reenter the password; then, press Enter.
The installation program prompts you to enter a password for the Cisco IPICS
ipicsadmin (administrative) Linux user. That ipicsadmin user belongs to the ipics
linux group. In addition, the ipicsadmin user has permission to read and write data
from and/or to the Informix database.
Step 14
Enter a password in the password field to create the ipicsadmin user password.
Cisco IPICS Server Installation and Upgrade Guide
OL-12985-01
2-19
Chapter 2
Installing Cisco IPICS
Installing the Cisco IPICS Server Software
To ensure a strong password, use a password that is at least eight characters long
and contains at least one of each of the following characters:
•
One lower case letter
•
One upper case letter
•
One number
•
One of the following special characters:
@[]^_`!"#$%&'()*+,-./:;{<|=}>~?
Note
Step 15
The password for the ipicsadmin user never expires.
To begin the installation process, enter y or yes.
The Cisco IPICS software begins the installation process.
A progress bar displays to indicate the percentage of the installation that has
completed.
Step 16
After the file installation completes, a message displays to inform you of the
status.
The following text is an example of the message that you might see when the
installation has successfully completed.
"The installation has completed successfully."
You can view the installation log file by navigating
to the following directory:
"/var/opt/CSCOipics/run/20061018092707/ipics-install-log.txt"
To complete the installation, you must reboot your server.
Do you want to reboot now? (YES/NO): [YES]
Step 17
Enter YES to reboot your server.
The server reboots and your Cisco IPICS server becomes available.
Cisco IPICS Server Installation and Upgrade Guide
2-20
OL-12985-01
Chapter 2
Installing Cisco IPICS
Installing the Cisco IPICS Server Software
Note
If you enter NO, complete the restart before you attempt to log in to
Cisco IPICS. Cisco IPICS processes, such as the tomcat service and
database server, do not start until you reboot the server.
To reboot your server at a later time, follow the procedure in the
“Restarting or Shutting Down the Server” section on page 2-25.
Performing a Remote Cisco IPICS Server Software Installation
This section describes the procedure that you can follow to install Cisco IPICS
from a PC that is remotely connected to the network.
To install the Cisco IPICS server software from a remote location, perform the
following procedure:
Procedure
Step 1
Step 2
Transfer the installer file from the Cisco IPICS installation CD to the Cisco IPICS
server. To do so, perform one of the following tasks:
•
Place the CD (or have someone place it for you) in the Cisco IPICS server and
copy the installer file to the server. Follow the steps that are documented in
Step 2 to perform this procedure.
•
Place the CD in a PC and transfer the installer file to the Cisco IPICS server
by using a File Transfer Protocol (FTP) client software program, such as
Secure Shell (SSH) Client software (or similar software). Follow the steps
that are documented in Step 3 to perform this procedure.
To copy the installer file from the CD, perform the following steps:
a.
Insert the Cisco IPICS installation CD in the server disk drive.
b.
Choose Start > Programs > SSH Secure Shell > Secure Shell Client to
remotely connect to the Cisco IPICS server.
Note
The SSH idle timeout value is 120 minutes (two hours). Therefore, make
sure that you do not leave an SSH remotely-connected session inactive for
more than two hours; otherwise, the session times out.
Cisco IPICS Server Installation and Upgrade Guide
OL-12985-01
2-21
Chapter 2
Installing Cisco IPICS
Installing the Cisco IPICS Server Software
Tip
If you do not have Secure Shell Client installed on your PC, use another secure
client program.
c.
Click Quick Connect to connect to the Cisco IPICS server.
The Connect to Remote Host window displays.
d.
In the Host field, enter the DNS host name or the IP address for your
Cisco IPICS server; then, press the Tab key.
e.
In the User Name field, enter root.
f.
Click Connect.
The Enter Password window displays.
g.
Enter the password for the root user and click OK.
The SSH Secure Shell Client software window displays.
h.
Mount the contents of the CD onto the server by entering the following
command:
[root]# mount /mnt/cdrom
Note
i.
During the installation process, error messages, such as
cdrom_decode_error, may display when you access the CD. You can
ignore these messages, as they do not affect the installation or operation
of the Cisco IPICS server.
Navigate to the cdrom subfolder in the CD location by entering the following
command:
[root]# cd /mnt/cdrom
j.
To view the installer file, enter the following command:
[root]# ls -l
The directory of the CD displays.
k.
Locate the installer file in the directory listing.
The Cisco IPICS installer file has a .run file extension.
l.
Copy the installer file to the /root directory by entering the following
command:
Cisco IPICS Server Installation and Upgrade Guide
2-22
OL-12985-01
Chapter 2
Installing Cisco IPICS
Installing the Cisco IPICS Server Software
[root]# cp /mnt/cdrom/<installerfilename>.run /root
where:
<installerfilename>.run represents the name of the .run file that was
displayed in Step j.
The installer file copies from the CD to the /root directory.
m.
Navigate from the /mnt/cdrom directory to an internal directory on your
server by entering the following command:
[root]# cd <serverdirectory>
where:
<serverdirectory> is any internal directory or subdirectory on your server.
n.
To unmount the installation CD and eject it from the disk drive, enter the
following command:
[root]# eject
Note
Step 3
Be aware that you must navigate away from the /mnt/cdrom directory
and enter the eject command to unmount the contents of the CD and eject
the CD from the server. If you try to eject the CD by pushing the eject
button on the server, the CD will not eject.
To transfer the file to the server from a remote location, follow these steps:
a.
Insert the Cisco IPICS installation CD in the CD drive of your PC.
b.
Choose Start > Programs > SSH Secure Shell > Secure File Transfer
Client to open the Secure File Transfer Client.
Note
If you do not have Secure File Transfer Client installed on your PC, use
another program that permits a secure file transfer session between your
PC and the server.
The SSH Secure Shell File Transfer Client window displays. The desktop of
your PC displays in the left pane.
c.
Click Quick Connect to connect to the Cisco IPICS server.
The Connect to Remote Host window displays.
Cisco IPICS Server Installation and Upgrade Guide
OL-12985-01
2-23
Chapter 2
Installing Cisco IPICS
Installing the Cisco IPICS Server Software
d.
In the Host field, enter the DNS host name or the IP address for your
Cisco IPICS server. Then, press the Tab key.
e.
In the User Name field, enter root.
f.
Click Connect.
The Enter Password window displays.
g.
Enter the password for the root user and click OK.
The SSH Secure Shell File Transfer Client connects to the Cisco IPICS server
and displays the contents of the /root directory in the right pane of the
window.
h.
In the left pane of the window, navigate to the folder on your PC that
corresponds to the location of the Cisco IPICS installation CD (for example,
My Computer\Compact Disk Z:).
i.
Double-click the CD folder to browse the contents of the CD.
The contents of the CD displays.
j.
Double-click the cdrom subfolder to browse its contents.
k.
Locate the installer file in the cdrom subfolder on the CD.
The installer file has an extension of .run.
l.
Drag the installer file from the left pane of the window to the right pane to
initiate the copy procedure.
A progress window displays while the file copies to the /root directory of the
server. After the copy procedure completes, the installer file displays in the
right pane.
m.
Close the SSH Secure Shell File Transfer Client.
Step 4
Open a terminal window to the Cisco IPICS server by using SSH Secure Shell
Client software or similar software.
Step 5
In the User Name field, enter root.
Step 6
Click Connect.
The Enter Password window displays.
Step 7
Enter the password for the root user and click OK.
The SSH Secure Shell Client software window displays.
Step 8
To view the installer file, enter the following command:
Cisco IPICS Server Installation and Upgrade Guide
2-24
OL-12985-01
Chapter 2
Installing Cisco IPICS
Restarting or Shutting Down the Server
[root]# ls -l
The contents of the /root directory display.
Step 9
Locate the installer file in the directory listing.
The Cisco IPICS installer file has a .run file extension.
Step 10
Change the access mode of the installer file by entering the following command:
[root]# chmod 550 <installerfilename>.run
where:
<installerfilename>.run represents the name of the installer file.
Note
Step 11
Entering this command allows the root user ID to read and run the
installer file.
To run the installer from a SSH Secure Shell Client software (or similar software)
window, follow the procedure as described in the “Performing a Direct
Cisco IPICS Server Software Installation” section, starting with Step 9 on
page 2-18.
Restarting or Shutting Down the Server
To restart the server, perform the following procedure:
Caution
Be aware that when you shut down or restart your server, all user communications
terminate. In addition, Cisco IPICS logs out all users who are logged in to the
Administration Console. Therefore, make sure that you only shut down or restart
your server during a maintenance window or other period of system non-use.
Procedure
Step 1
Log in to the Cisco IPICS server with the root user ID by taking one of the
following actions:
•
To log in to the server from the server console, follow these steps:
Cisco IPICS Server Installation and Upgrade Guide
OL-12985-01
2-25
Chapter 2
Installing Cisco IPICS
Restarting or Shutting Down the Server
a. Log in to the server by entering root for the user name.
b. When you are prompted, enter the root user password.
•
To log in to the server remotely, follow these steps:
a. Open a terminal window by using SSH Secure Shell Client software or
similar software.
b. Log in to the server by entering the IP address or host name of the server.
c. Log in by using the root user ID by entering root for the user name.
d. When you are prompted, enter the root user password.
A terminal window displays.
Step 2
To reboot the server, enter the following command:
[root]# reboot
The server reboots.
To shut down the server, perform the following procedure.
Note
Cisco recommends that you gracefully shut down the server by performing the
following procedure in lieu of pressing the power button to shut down the server.
Procedure
Step 1
Log in to the Cisco IPICS server with the root user ID.
A terminal window displays.
Step 2
To shut down the running processes in the server, enter the following command:
[root]# shutdown -h <time>
where:
<time> is the time, in seconds, that the shutdown script delays before it begins.
Cisco IPICS Server Installation and Upgrade Guide
2-26
OL-12985-01
Chapter 2
Installing Cisco IPICS
Preparing to Use Cisco IPICS
Tip
To immediately shut down the running processes, enter the following
command:
[root]# shutdown -h now
The server terminates its running processes. If you are directly connected to the
server, the console displays messages as each process terminates.
Step 3
Wait until the shutdown script completes; then, turn the server off by pushing the
power button that is located on the front panel of the server.
Before you turn off the server, verify that the shutdown script has completed by
performing one of the following actions:
•
If you are directly connected to the server by a console connection, wait until
the following text displays:
Power down.
•
Note
If you are remotely connected to the server, wait approximately five minutes
to allow all processes to safely terminate.
You must manually turn off the server at the server location. You cannot
turn off the server by entering CLI commands.
The server shuts down.
Preparing to Use Cisco IPICS
After you complete the software installation, you must complete the following
tasks before you can use Cisco IPICS:
•
Checking the Installation, page 2-28
•
Managing Your Licenses and Certificates, page 2-29
•
Viewing the License Summary Information, page 2-34
•
Installing Third Party Certificates On the Cisco IPICS Server, page 2-40
Cisco IPICS Server Installation and Upgrade Guide
OL-12985-01
2-27
Chapter 2
Installing Cisco IPICS
Preparing to Use Cisco IPICS
•
Generating the Cisco IPICS PMC Application Installer, page 2-45
For more information about Cisco IPICS administration and configuration tasks,
refer to the Cisco IPICS Server Administration Guide, Release 2.1(1).
Checking the Installation
Upon completion of the Cisco IPICS server software installation, you should be
able to access the Cisco IPICS Administration Console by logging in via a
supported browser. You can access the Administration Console from any
computer that meets these requirements:
•
Has IP connectivity to the Cisco IPICS server
•
Running either of these operating systems:
– Windows 2000 SP4 or higher
– Windows XP SP2 or higher
•
Note
Running Internet Explorer version 6.0.2
There may be a delay of a few minutes before users can access the Administration
Console after the Cisco IPICS server restarts.
To access the Cisco IPICS Administration Console and check the installation,
perform the following procedure:
Procedure
Step 1
Open a supported Internet browser window on your PC.
Step 2
In the Address field, enter an HTTP over Secure Socket Layer (HTTPS) URL that
contains either the static IP address or the DNS name that you established for your
Cisco IPICS server in the “Installing the Cisco IPICS Operating System” section
on page 2-6.
Enter the URL in the following format:
https://<ipaddress> | <dnsname>
where:
Cisco IPICS Server Installation and Upgrade Guide
2-28
OL-12985-01
Chapter 2
Installing Cisco IPICS
Preparing to Use Cisco IPICS
<ipaddress> is the IP address of the server and <dnsname> is the host name that
you configured for the server.
A Security Alert window displays.
Note
The Security Alert window displays because Cisco IPICS ships with a
self-signed certificate that is not issued by a Certificate Authority (CA).
If you prefer to replace the self-signed certificate with a third party
certificate that has been issued by a CA, follow the procedure in the
“Installing Third Party Certificates On the Cisco IPICS Server” section
on page 2-40.
Step 3
Click Yes to close the window and access the login screen.
Step 4
Log in by using the ipics user ID and password.
Note
The ipics user ID is the application-level user ID that can perform all
administration-related tasks by using the Administration Console.
The Administration > License Management window displays with a message
that informs you to upload a license file before you can use the system.
To obtain your license file, see the “Obtaining Your License File” section on
page 2-30.
If you are not able to access Cisco IPICS from your browser, see the “You Cannot
Connect to the Server By Using Your Browser” section on page 5-10.
Managing Your Licenses and Certificates
After you install Cisco IPICS, you can log in to the Administration Console, but
you will not be able to use any features until you upload the license file. You use
the Product Authorization Key (PAK) that was included in your Cisco IPICS
product package to obtain a license file.
The license that you purchased is based on the total number of the following
licensable features:
Cisco IPICS Server Installation and Upgrade Guide
OL-12985-01
2-29
Chapter 2
Installing Cisco IPICS
Preparing to Use Cisco IPICS
Note
•
The concurrent number of land mobile radio (LMR) ports
•
The concurrent number of multicast ports
•
The concurrent number of PMC users
•
The concurrent number of IP phone users
•
The concurrent number of dial users
•
The total number of ops views
To enable the policy engine for use, you are required to obtain a separate license.
The total number of LMR and multicast ports, PMC, IP phone, and dial users, and
ops views cannot exceed the number that is specified in the license or licenses that
you purchased. If you require additional licenses, contact your
Cisco representative.
This section includes the following topics:
•
Obtaining Your License File, page 2-30
•
Uploading the Cisco IPICS License Files, page 2-32
Obtaining Your License File
Your Cisco IPICS product package includes a Software License Claim Certificate
that contains a PAK, which is uniquely created from your sales order. You use this
key to obtain licenses for your Cisco IPICS installation.
You can order your initial licenses any time after you begin the installation
process.
Caution
If you are upgrading from Cisco IPICS release 1.0, your current license is not
compatible with Cisco IPICS release 2.1(1). Contact your authorized Cisco
representative to obtain new licenses for Cisco IPICS release 2.1(1). If you are
upgrading from release 2.0(2), you may use your current license(s), which are
valid for use with Cisco IPICS release 2.1(1).
To use your PAK to obtain your Cisco IPICS licenses, perform the following
procedure:
Cisco IPICS Server Installation and Upgrade Guide
2-30
OL-12985-01
Chapter 2
Installing Cisco IPICS
Preparing to Use Cisco IPICS
Procedure
Step 1
Locate your Software License Claim Certificate that was included in your
Cisco IPICS product package. Look for the PAK at the bottom of this certificate.
Note
Step 2
If you ordered your Cisco IPICS server software directly from Cisco,
your package may include only one PAK. However, if you purchased
Cisco IPICS through a distributor or reseller, you should have several
individual packages, each with its own PAK. In this case, you must
process all of your PAKs individually. Cisco sends you a license file for
each one.
Retrieve the MAC address that you noted during the Cisco IPICS operating
system installation.
If you misplaced the MAC address, complete Step 30 in the “Installing the
Cisco IPICS Operating System Software” section on page 2-7 to obtain it.
Step 3
Order a license by accessing Cisco.com at the following URL:
http://www.cisco.com/go/license
You must have a valid Cisco.com user ID and password before you can access this
URL.
After you process your license order, Cisco.com sends you an e-mail with the
license file as an attachment. If you processed several separate PAKs, Cisco.com
sends you several e-mail responses with a license file attached to each one. When
you upload these files, Cisco IPICS adds the licenses from each file and monitors
your system activity based on the aggregated license files.
Step 4
Save the license file to your PC by performing the following steps:
a.
Open the e-mail that contains the license file attachment.
b.
Right-click the license file attachment in the e-mail.
c.
Click Save As.
The Save Attachment window displays.
d.
Select the folder on your PC where you would like to download the license
file.
e.
Ensure that the following values appear in the fields of the Save Attachment
window:
Cisco IPICS Server Installation and Upgrade Guide
OL-12985-01
2-31
Chapter 2
Installing Cisco IPICS
Preparing to Use Cisco IPICS
– The file name of the license appears with a .lic file type in the File name
field.
– All Files (*.*) appears in the Save as type field.
f.
Click Save.
The e-mail program downloads the license file to your PC.
Note
Step 5
Cisco IPICS does not support the editing or modification of the license
file name or file type. If you change the license file name or use an
extension other than .lic, you may invalidate your license and cause the
system to become inoperable.
Upload the Cisco IPICS license.
See the “Uploading the Cisco IPICS License Files” section on page 2-32 for
instructions about uploading the Cisco IPICS license file.
After you upload your license file, the license manager processes the new licenses
and updates the total number of licenses.
Step 6
If you require additional licenses, contact your distributor or reseller to purchase
the licenses.
Uploading the Cisco IPICS License Files
After you receive your license file(s), you can upload them by accessing the
Administration > License Management window in the Cisco IPICS
Administration Console.
Note
When you upload a license file, Cisco IPICS places the file in the following
directory:
/root/tomcat/current/webapps/license
To upload license file(s), perform the following procedure:
Cisco IPICS Server Installation and Upgrade Guide
2-32
OL-12985-01
Chapter 2
Installing Cisco IPICS
Preparing to Use Cisco IPICS
Procedure
Step 1
Open a supported browser window on your PC.
Step 2
In the Address field in the browser, enter an HTTPS URL that contains either the
IP address or the DNS name of your Cisco IPICS server in the following format:
https://<ipaddress> | <dnsname>
where:
<ipaddress> is the IP address of the server and <dnsname> is the host name that
you configured for the server.
A Security Alert window displays.
Step 3
Click Yes to close the window and access the login screen.
The Cisco IPICS Login window displays.
Step 4
Log in to the Cisco IPICS server by using the ipics user ID and password.
The system prompts you to upload the license file.
Note
The system does not prompt you to upload a license file if you have
previously uploaded a license file. If you are not prompted to upload the
license file, navigate to Administration > License Management from
the Server tab in the Administration Console.
The License Management window displays.
Step 5
Click Browse, then navigate to the license file that you downloaded to your PC.
Step 6
Select the license file and click Open.
Step 7
Click Upload to upload the license file to the server.
The license manager processes the new license.
Step 8
Click Apply.
Cisco IPICS associates the license file with the server and restarts the license
manager. The updated license information displays in the License Summary pane
in the License Management window.
Cisco IPICS Server Installation and Upgrade Guide
OL-12985-01
2-33
Chapter 2
Installing Cisco IPICS
Preparing to Use Cisco IPICS
Note
Step 9
After you click Apply, there may be a delay of a few minutes before you
can access the Administration Console.
If you have more than one license file, repeat Step 5 through Step 8 until you have
uploaded all license files.
Tip
Cisco recommends that you click Apply after you upload each license
file, so that you can more easily track the progress of the upload process.
Note
Cisco IPICS does not overwrite older license files with newer license
files. You can purchase additional features by obtaining a new license;
when you upload and apply the new license, Cisco IPICS adds the new
license features to the existing license features.
As a best practice, Cisco recommends that you remove old license file(s)
whenever license changes occur (such as when you replace a time-bound
license with a permanent license). For information about deleting
time-bound licenses, see the “Deleting Older Time-Bound Licenses from
the Server” section on page 2-38.
Viewing the License Summary Information
From the Administration > License Management > Summary tab in the
Administration Console, you can access the License Summary pane to view the
licensed features for your system. This pane also displays license information for
the Cisco IPICS Base Server License and the Policy Engine Base License.
To understand how Cisco IPICS features use the available licensed features, see
the “Tracking Your License Usage” section on page 2-35.
Cisco IPICS Server Installation and Upgrade Guide
2-34
OL-12985-01
Chapter 2
Installing Cisco IPICS
Preparing to Use Cisco IPICS
Note
The data that displays in the License browser window shows the usage at the time
that the license window was last accessed. To view the most current license
information, refresh your browser window. Make sure to refresh your browser
window often and before you perform any server administration functions to
ensure that you are working with the most current information. If you attempt to
perform an administration update in a window that does not display the most
current data, the update does not succeed, and Cisco IPICS displays an error. If
you receive an error, refresh your browser window and retry the operation.
This section includes the following topics:
•
Tracking Your License Usage, page 2-35
•
Managing Time-Bound Licenses, page 2-37
Tracking Your License Usage
Table 2-1 describes the criteria that Cisco IPICS uses to determine license usage
for ports, PMCs, IP phones, the policy engine, and ops views.
Cisco IPICS Server Installation and Upgrade Guide
OL-12985-01
2-35
Chapter 2
Installing Cisco IPICS
Preparing to Use Cisco IPICS
Table 2-1
Cisco IPICS License Usage Criteria
Field
Description
Concurrent
LMR Ports
An enabled channel or radio uses an LMR port license. After
an administrator disables a channel or radio, the server
releases the LMR license and makes it available for use.
Associating a radio and channel selector combination with a
channel does not affect license usage.
Cisco IPICS bases license usage for channels on the unique
combination of a multicast address and a location. If a
channel uses two multicast addresses, the single channel uses
two licenses. If an administrator removes one of the multicast
addresses, the system releases one of the licenses so that the
port now uses one license.
Concurrent
Multicast Ports
An activated VTG uses a multicast port license. After an
administrator deactivates a VTG, the server releases the
multicast license and makes it available for use.
Note
Concurrent
PMC Users
Be aware that an inactive VTG uses a license when a
policy triggers (activates) that VTG. Therefore, if the
number of licenses has been exceeded, the policy is
not able to activate the VTG. Make sure that the
server has a sufficient number of licenses available
for the configuration of policies.
A PMC user uses a license each time that the user logs in to
a PMC session.
If the same PMC user logs in to multiple PMC sessions from
different PMC client machines, that user uses multiple
licenses (one for each PMC session).
Note
If you use all of the available PMC licenses,
Cisco IPICS interrupts PMC user access to the
system. Make sure that you are aware of the current
status of PMC licenses, and purchase and install
additional licenses immediately if you use all of the
available PMC licenses.
Cisco IPICS Server Installation and Upgrade Guide
2-36
OL-12985-01
Chapter 2
Installing Cisco IPICS
Preparing to Use Cisco IPICS
Table 2-1
Cisco IPICS License Usage Criteria (continued)
Field
Description
Concurrent
Cisco Unified
IP Phone Users
An IP phone user uses a license each time that a user logs in
to Cisco IPICS from an IP phone. If you use all IP phone
licenses, additional IP phone users cannot dial into a channel
or VTG.
Concurrent Dial The policy engine uses a license each time the dial engine
Users
performs a dial-in or dial-out action. If you use all dial user
licenses, the dial engine cannot perform additional dial-in or
dial-out actions.
Cisco IPICS
Ops View
If you have purchased a license that includes additional ops
view functionality, each ops view that you create uses one
license.
Cisco IPICS
Base Server
License
License usage does not apply to this field. This field displays
whether you have a base license for Cisco IPICS.
Policy Engine
Base License
License usage does not apply to this field. This field indicates
whether you have a base license for the policy engine.
Managing Time-Bound Licenses
Cisco IPICS also includes support for time-bound licenses. Time-bound licenses,
such as evaluation or demonstration licenses, differ from purchased
(non-time-bound) licenses in that they include a preconfigured license expiration
date.
When a time-bound license is about to expire (about 30 days before expiration),
Cisco IPICS displays a warning message to alert you of the upcoming expiration.
Note
If you install a more recent time-bound license on your server, you may see this
warning message if additional unexpired time-bound licenses are installed and
you have not dismissed this warning. To suppress this warning message, delete the
older, unexpired licenses that are installed on your server. For more information,
see the “Deleting Older Time-Bound Licenses from the Server” section on
page 2-38.
Cisco IPICS Server Installation and Upgrade Guide
OL-12985-01
2-37
Chapter 2
Installing Cisco IPICS
Preparing to Use Cisco IPICS
•
When a license feature expires, the relevant functionality of that license
becomes disabled.
•
After your license expires, it remains valid for a maximum of 24 hours after
the expiration date. (The server checks for expired licenses every 24 hours.)
•
After you install the Cisco IPICS server software, Cisco IPICS invalidates
time-bound licenses when you change the system date to a date that is before
the license start date. Invalid licenses cause the Cisco IPICS system to
become inoperable.
Note
You must restart the license manager, or reboot the server, for system date
changes to become effective.
To restart the license manager and revalidate the license(s), perform the following
procedure:
Procedure
Step 1
Open a terminal window and log in using the root user ID.
Step 2
Restart the license manager by entering the following command:
[root]# service ipics_lm restart
Step 3
To revalidate the license(s), navigate to Administration > License
Management; then, click Apply to restart the license server.
Deleting Older Time-Bound Licenses from the Server
If you receive license expiration warning messages, and you have more than one
unexpired time-bound license installed, you must delete the older time-bound
licenses to suppress this warning message. To delete time-bound licenses, perform
the following procedure:
Procedure
Step 1
Open a terminal window and log in by using the root user ID.
Cisco IPICS Server Installation and Upgrade Guide
2-38
OL-12985-01
Chapter 2
Installing Cisco IPICS
Preparing to Use Cisco IPICS
Step 2
Navigate to the directory where Cisco IPICS stores the license files by entering
the following command:
[root]# cd tomcat/current/webapps/license
Step 3
View the license files by entering the following command:
[root]# ls -l *.lic
The license files display with the time and date that the license was last modified.
Step 4
Make a note of the licenses that you no longer need.
The time and date that displays with the file information might assist you with
determining which files you need to delete.
Step 5
Delete the unnecessary license files by entering the following command:
[root]# rm <licensefilename>.lic
where:
<licensefilename>.lic is the name of the license file that you want to delete.
Caution
Make sure that you do not delete the cisco.opt file. This file is required for the
correct operation of Cisco IPICS.
Step 6
Repeat Step 5 for each license file that you need to delete.
Step 7
Restart the server by entering the following command:
Step 8
[root]# service ipics restart
Step 9
Log in to the Administration Console by using the ipics user ID and navigate to
the Administration > License Management window.
Step 10
To apply the license deletions to the system configuration, click Apply.
Step 11
If a message displays that indicates that a license is about to expire, click Dismiss
Warnings.
Cisco IPICS Server Installation and Upgrade Guide
OL-12985-01
2-39
Chapter 2
Installing Cisco IPICS
Preparing to Use Cisco IPICS
Installing Third Party Certificates On the Cisco IPICS Server
The Cisco IPICS server ships with a self-signed certificate. However, you may
replace this certificate with a customer-specific, third party certificate that has
been issued by a CA. A CA, as a trusted third party, issues and manages digital
certificates that provide enhanced security by verifying the credentials of the user,
organization, server, or other entity as specified in the certificate. VeriSign,
Thawte, and Entrust are examples of CAs.
The following topics include information about requesting a third party certificate
and installing the certificate on the Cisco IPICS server:
•
Requesting a Third Party Certificate, page 2-40
•
Installing a Third Party Certificate, page 2-43
Requesting a Third Party Certificate
To request a third party certificate, perform the following procedure:
Procedure
Step 1
Log in to the Cisco IPICS server by using the root user ID.
The Cisco IPICS operating system logs you in as the root user.
Step 2
Copy the tomcat.keystore file to the /root directory by entering the following
command:
[root]# cp /root/tomcat/current/conf/tomcat.keystore /root
The tomcat.keystore file maintains all of the certificates for the server.
Step 3
Change to the /root/tomcat/current/conf/ directory by entering the following
command:
[root]# cd /root/tomcat/current/conf/
Step 4
Run the following command to delete the existing entry:
[root@ipics-server]# keytool -delete -alias tomcat -keystore tomcat.keystore
Step 5
When the system prompts you to enter the keystore password, enter the default
password, changeit.
Cisco IPICS Server Installation and Upgrade Guide
2-40
OL-12985-01
Chapter 2
Installing Cisco IPICS
Preparing to Use Cisco IPICS
Step 6
Run the following command to generate the new key that will be used for the
Certificate Signing Request (CSR):
[root@ipics-server]# keytool -genkey -alias tomcat -keyalg RSA -keystore
tomcat.keystore -validity 360
The validity may vary based on the number of days that the certificate needs to be
valid.
Note
Step 7
Make sure that you enter the correct information so that the CA generates
a valid certificate for your system.
Enter your responses to the following system prompts:
Enter keystore password:
What is your first and last name?
What is the name of your organizational unit?
What is the name of your organization?
What is the name of your City or Locality?
What is the name of your State or Province?
What is the two-letter country code for this unit?
Note
The information that you enter may vary depending on the CA that you
use. For example, for the first and last name response, VeriSign requires
that you enter the fully-qualified hostname of your Cisco IPICS server in
the format of server.domain.com. For the name of your state or province,
VeriSign requires that you spell out the complete name in lieu of using the
abbreviated form.
Tip
The default keystore password is changeit.
The following is an example of the information that the system displays:
Is CN=username, OU=user company name, O=user company name, L=user
city, ST=user state, C=user country correct? [no]:
Step 8
Enter y or yes if the information is correct.
Step 9
When the system displays the following message, press Enter to accept the
default password:
Cisco IPICS Server Installation and Upgrade Guide
OL-12985-01
2-41
Chapter 2
Installing Cisco IPICS
Preparing to Use Cisco IPICS
Enter key password for <tomcat>
(RETURN if same as keystore password):
where <tomcat> is the default alias for the certificate
Note
Step 10
The system requires that you use the same value for the key password and
the keystore password. If you enter different passwords, the Tomcat
server will not be able to successfully restart. (When these passwords are
the same, the system does not prompt you again for the key password.)
Run the following command to create the CSR file:
[root@ipics-server]# keytool -certreq -alias tomcat -keyalg RSA -file
certrequest.csr -keystore tomcat.keystore
Step 11
When the system prompts you to enter the keystore password, enter the default
value of changeit:
Enter keystore password:
Upon entry of the correct password, the system creates the CSR. (If you enter an
incorrect password, the system displays an error.)
Note
Step 12
You need to use the text from this CSR file when you request the
certificate. See Step 12.
Copy the certrequest.csr file to your local workstation.
Depending on the CA that you use, you may need to copy and paste the contents
of the certrequest.csr file into your browser or you may need to upload the CSR
file to request the certificate.
Note
If the CA does not accept your certificate request, repeat this procedure
from Step 3 to regenerate your certificate request with the necessary
modifications.
Cisco IPICS Server Installation and Upgrade Guide
2-42
OL-12985-01
Chapter 2
Installing Cisco IPICS
Preparing to Use Cisco IPICS
Step 13
After you receive the certificate from the CA, continue with the procedure in the
“Installing a Third Party Certificate” section on page 2-43 to install the third party
certificate.
Installing a Third Party Certificate
To install a third party certificate on the server, perform the following procedure:
Procedure
Step 1
Depending on the format in which you receive the certificate, take one of the
following actions:
•
If you receive the certificate file directly from the CA, rename the file to
thirdparty.cer
•
If you receive the certificate enclosed in an email, create a new file named
thirdparty.cer (this file must contain only the certificate contents of the
email)
CAs may use different procedures to send root CA certificates. Some CAs embed
the root CA certificate into the certificate that they provide to you; other CAs
provide the root CA certificate separately. (The root CA certificate allows you to
establish a chain of trust from the CA to the third party certificate on your server.)
Step 2
Depending on the format in which the CA provides the root CA certificate, take
one of the following optional actions:
•
If you download the root CA certificate file directly from the CA website,
rename the file to thirdpartyca.cer
•
If the CA provides the root CA certificate enclosed in a web page, create a
new file named thirdpartyca.cer (this file must contain only the root CA
certificate contents of the web page)
Step 3
Copy the thirdparty.cer file (and the optional thirdpartyca.cer file) from the
local workstation to the /root/tomcat/current/conf/ directory on the server by
using Secure FTP.
Step 4
To verify that you are still in the /root/tomcat/current/conf/ directory, enter the
following command:
[root]# cd /root/tomcat/current/conf/
Cisco IPICS Server Installation and Upgrade Guide
OL-12985-01
2-43
Chapter 2
Installing Cisco IPICS
Preparing to Use Cisco IPICS
Step 5
If you received a separate root CA certificate, install it first by executing the
following command:
[root@ipics-server]# keytool -import -alias thirdpartyca -keystore
tomcat.keystore -trustcacerts -file thirdpartyca.cer
Step 6
When the system prompts you to enter the keystore password, enter changeit.
Step 7
Enter yes to trust the certificate when the system displays the following prompt:
Trust this certificate? [no]:
The certificate installs and the following message displays:
Certificate was added to keystore
Step 8
To install the certificate, run the following command:
[root@ipics-server]# keytool -import -alias tomcat -keystore tomcat.keystore
-trustcacerts -file thirdparty.cer
Step 9
When the system prompts you to enter the keystore password, enter changeit.
The following error message displays if you did not install the root CA certificate
(and it was required):
keytool error: java.lang.Exception: Failed to establish chain from
reply
If you encounter this error, contact the CA to locate the root CA certificate; then,
repeat this procedure from Step 5.
Step 10
Enter yes to trust the certificate when the system displays the following prompt:
Trust this certificate? [no]:
The certificate installs and the following message displays:
Certificate reply was installed in keystore
Step 11
From root, enter the following command to restart the Tomcat web server:
[root]# service ipics_tomcat restart
Step 12
Verify that the certificate has been installed by executing the following command.
[root@ipics-server]# keytool -list -keystore tomcat.keystore
Step 13
When the system prompts you to enter the keystore password, enter the default
value of changeit.
Cisco IPICS Server Installation and Upgrade Guide
2-44
OL-12985-01
Chapter 2
Installing Cisco IPICS
Preparing to Use Cisco IPICS
The system displays the certificate information, as shown in the following
example:
Keystore type: jks
Keystore provider: SUN
Your keystore contains 1 entries
Tomcat, May 12, 2006, keyEntry,
Certificate fingerprint (MD5):
88:88:1A:34:38:0A:27:6F:B9:87:CA:8F:36:66:C4:73
If you installed the root CA certificate, the system display indicates that the
keystore contains two entries, as shown in the following example:
Your keystore contains 2 entries
thirdpartyca, May 20, 2006, trustedCertEntry,
Certificate fingerprint (MD5):
B6:9D:A4:40:52:02:50:0D:D5:9C:E1:B8:4B:66:C4:AC
...
Note
The fingerprint may vary based on your system.
Generating the Cisco IPICS PMC Application Installer
PMC users download the PMC installer from the Cisco IPICS Administration
Console. Before a user can download the PMC installer from the server, you must
first generate the PMC installer.
For more information about generating the PMC installer and managing PMC
updates, refer to the “Generating the PMC Installer” and “Managing PMC
Versions” sections in the “Performing Cisco IPICS System Administrator Tasks”
chapter in the Cisco IPICS Server Administration Guide, Release 2.1(1).
Cisco IPICS Server Installation and Upgrade Guide
OL-12985-01
2-45
Chapter 2
Installing Cisco IPICS
Preparing to Use Cisco IPICS
Cisco IPICS Server Installation and Upgrade Guide
2-46
OL-12985-01

 Download  Report

Paperzz.com

Your Paperzz

© Copyright 2026 Paperzz