This section contains instructions on how to install or upgrade NetServer. The following details are available:
Before installing NetServer, you should have already installed your RADIUS AAA server or NAS, and configured and tested the appropriate databases to authenticate your own local users.
You should have the following information:
In addition, you should make sure that you have access to the following:
A host running NetServer 6.0.0 must meet these requirements:
The NetServer installation process requires these system resources:
NetServer 6.0.0 is supported on following platforms:
The list of RADIUS servers with which NetServer is interoperable includes, but is not limited to:
Additional operational requirements include:
If NetServer 6.0.0 is installed behind a firewall or other network address translation device, you must enable the firewall rules shown in the following table. Notes at the end of the table give more information.
Purpose | Inbound | Source IP(s) | Destination IP(s) | IP | Port | Protocol |
---|---|---|---|---|---|---|
iPass Transaction Center auth-apac.ipass.com(Hong Kong,CN) | x | 216.239.98.126 | 9101 | TCP/IP | ||
iPass Transaction Center auth-sjc.ipass.com(San Jose,CA) | x | 216.239.108.126 | 9101 | TCP/IP | ||
iPass Transaction Center auth7.ipass.com(Atlanta,US) | x | 216.239.111.126 | 9101 | TCP/IP | ||
iPass Transaction Center auth8.ipass.com(London,UK) | x | 216.239.105.126 | 9101 | TCP/IP | ||
iPass Transaction Center auth5.ipass.com(Santa Clara, US) | x | 216.239.99.126 | 9101 | TCP/IP |
Purpose | Inbound | Outbound | Source IP(s) | Destination | Port | Protocol | Notes |
---|---|---|---|---|---|---|---|
Monitoring | x | 216.239.99.200 | 1984 | TCP/IP | |||
Monitoring | x | 216.239.99.200 | 1984 | ICMP(ping) | |||
Monitoring | x | 216.239.100.200 | 1984 | TCP/IP | |||
Monitoring | x | 216.239.100.200 | 1984 | ICMP(ping) | |||
Configuration Upload Server | x | 216.239.111.209 216.239.111.200 | 9101 | TCP/IP | NetServer sends its configuration file on a regular basis to the Configuration Upload Servers. | ||
Software Update Server | x | 216.239.99.209 216.239.99.200 | 9101 | TCP/IP | NetServer periodically checks for software updates on Update Server. | ||
SSH access for troubleshooting and routine maintenance. | x | 216.239.97.227 | 22 | TCP/IP | SSH access from the iPass Operations Center should be allowed for troubleshooting and routine maintenance. |
NetServer 6.0.0 supports the following RADIUS attributes:
Graceful Forwarding: NetServer authentication and accounting will drop attributes that are not listed in RFC 2865 and 2866, but packets are still forwarded.
The installation process consists of downloading the installation file and then installing the software.
You will need to download NetServer installation file from our secure FTP site. Contact your iPass installation engineer for your FTP username and password.
To download the NetServer installation file:
This guide uses the term <NS_Home> for the NetServer 6.0.0 installation directory. The default is /usr/ipass/netserver/current_version.
To install the NetServer 6.0.0 directories:
If you are upgrading to NetServer 6.0.0 from version 5.x, the Migration Tool has to run manually post installation process. The Migration Tool will convert your old configuration file into the new ipassNS.properties adding newly added properties in 6.0.0, and copy certificates and keys from the old installation into KeyStores.
1. Migrating from NetServer 5.x to 6.0.0: Type ./ns_migration_tool.csh under /usr/ipass/netserver/6.0.0/bin
For example, cd /usr/ipass/netserver/6.0.0/bin and run : ./ns_migration_tool.csh. It will prompt you for the path to migrate files from. Enter NS5.x path /usr/ipass/netserver/5.x. It should migrate ipassNS.properties file,certs and keys from 5.x version to 6.0.0 and it will add new attributes to ipassNS.properties as below:
2. Once migration is done run create_link.sh script from the path “/usr/ipass/netserver/6.0.0/.scripts” to create soft link( It will create soft link under “/usr/ipass/netserver/current_version”).
3. Run init.sh script from /usr/ipass/netserver/current_version/bin to create RC scripts.
The script NetServerd is not included in the Migration Tool process, so command line options it contains will not be carried over to the new version of NetServer. This may trigger the following issues:
Non-Default Ports: The NetServer 6.0.0 Migration Tool assumes that your NetServer runs on the default port of 11811. If this is not the case, after you run the Migration Tool, you will need to edit the following attributes in the ipassNS.properties file:
If you need to roll back your NetServer 6.0.0 installation to a previous 5.x version, follow the appropriate procedures listed here.
These instructions assume that NetServer 5.x is installed in /usr/ipass/netserver/5.x, and NetServer 6.0.0 is installed in /usr/ipass/netserver/current_version.
To rollback NetServer 6.0.0:
Uninstalling NetServer 6.0.0
To bind to a local IP for outgoing requests to the Transaction Servers, you need to configure the LocalIpAddress attribute of your IpassServers property:
To view iPass Transaction Server information, type: <NS_HOME>/bin>ipassconfig.csh -help IpassServer
Sample format ofIpassServer:
IpassServer1 = name11=value11,name12=value12,…
IpassServer2 = name21=value21,name
See the Property Glossary for more information on configuring this value.
Go to: Other Product Documents > NetServer Admin Guide