3

Working with the Setup Utility

• Using the Setup utility
• Gathering configuration information
• Starting the Setup utility
• Configuring settings for the management web server
• Confirming your configuration settings
• Committing your configuration settings to the system
• Accessing the Configuration utility

Using the Setup utility

The Setup utility is a wizard that walks you through a brief series of tasks to complete the required configuration for the GLOBAL-SITE Controller. The utility has you do things like define a root password and configure IP addresses for the network interfaces.

The Setup utility's three phases are: configure, confirm, and commit. Each phase walks you through a series of screens, so that you can configure the following settings:

• End-user software license
• Root password
• Settings for optional technical support access
• Host name
• Default route
• Network interface(s)
• Nameserver
• NTP server
• Time zone
• System time
• SSH
• Telnet
• FTP log file access
• Password for management web server
• Settings for the GLOBAL-SITE web server (port number and web certificate)
• Self-signed SSL certificate information
• LDAP server
• gsite password
• GLOBAL-SITE Identifier

First, you configure all of the required information. Next, you have the opportunity to correct, if necessary, and confirm each individual setting that you have configured. Last, your confirmed settings are committed and saved to the system.

Gathering configuration information

Before you run the Setup utility on a specific GLOBAL-SITE Controller, you should have the following information ready:

• Passwords for the root system, for the GLOBAL-SITE web server, for the GLOBAL-SITE Controller, and for technical support access (optional)
• Host name for the GLOBAL-SITE Controller
• A default route (typically a router's IP address)
• Settings for the network interfaces, including IP addresses, media type, and custom netmask
• The IP address or IP address range for remote administrative connections

Starting the Setup utility

The Setup utility starts automatically when you turn on the GLOBAL-SITE Controller (the power switch is located on the front of the controller). The first screen the controller displays is the License Agreement screen. You must scroll through the screen, read the license, and accept the agreement before you can move to the next screen. If you agree to the license statement, the next screen you see is the Welcome screen. From this screen, simply press any key on the keyboard, to start the Setup utility, and then follow the instructions on the subsequent screens to complete the process.

Note: You can change any configurations at a later time using the ITCMconsole command line utility. See Chapter 6, ITCMconsole Command Line Interface , for more information.

Defining a root password

You gain administrative access to the GLOBAL-SITE Controller by using a root password. The root password must contain a minimum of 6 characters, but no more than 15 characters. Passwords are case-sensitive, and we recommend that your password contain a combination of uppercase and lowercase characters, as well as special characters. Once you type a password, the Setup utility prompts you to confirm your root password by typing it again. If the two passwords match, your password is immediately saved. If the two passwords do not match, you receive an error message asking you to re-type your password.

Note: The root password is the only setting that is saved immediately, rather than confirmed and committed at the end of the Setup utility process. You can change the root password from the ITCMconsole, after the Setup utility completes and you reboot the GLOBAL-SITE Controller. (To change the root password after initial configuration, you use the ITCMconsole command user. See user, on page 6-32 for more information.) You can change other system settings when the Setup utility prompts you to confirm your configuration settings, or at a later time using the ITCMconsole.

Allowing Technical Support

If you want to allow Technical Support access to your GLOBAL-SITE Controller, choose to enable a Technical Support account. The next screen asks you to set and confirm the tech support password, which can be between 6 and 15 characters long. If you do not want a Technical Support account, the next screen opens.

Defining a host name

The host name identifies the GLOBAL-SITE Controller itself. Host names must be in the format of a fully-qualified domain name. Host names may contain letters, numbers, and the symbol for dash ( - ), however, they may not contain spaces. For example, if the controller's label is controller1, then you define the host name as controller1.yourdomain.com.

Configuring a default route

If a GLOBAL-SITE Controller does not have a predefined static route for network traffic, the controller automatically sends traffic to the IP address that you define as the default route. Typically, a default route is set to a router's IP address.

Configuring the interfaces

The Setup utility lists the interfaces that are available to configure. Use the arrow keys to move to the interface you want to configure. Type the IP address and netmask, and select the media type for the interface. You must configure at least the eth0 interface. Use the keyboard key C to continue with the Setup utility once you are through configuring interfaces.

• IP address
  This is the IP address of the controller itself.
• Netmask
  Type a netmask appropriate to the subnet indicated by the IP address.
• Media type
  The media type options depend on the network interface card included in your hardware configuration.

Configuring nameserver

Type an external nameserver to forward DNS requests to.

Configuring NTP clocks

You can synchronize the time on your GLOBAL-SITE Controller to a public time server by using Network Time Protocol (NTP). NTP is built on top of IP and assures accurate, local timekeeping with reference to clocks located on the Internet. This protocol is capable of synchronizing distributed clocks, within milliseconds, over long periods of time. If you choose to enable NTP, make sure UDP port 123 is open in both directions and the GLOBAL-SITE Controller is behind a firewall.

Configuring a time zone

Configuring a time zone ensures that the clock for the GLOBAL-SITE Controller is set correctly, and that dates and times recorded in log files correspond to the time zone of the system administrator. Scroll through the time zone list to find the time zone closest to your location. Note that one option may appear with multiple names.

Configuring system time

While you do not have to set the system time during the Setup utility, we strongly recommend you set it now or at some point. If your system time is incorrect, scheduled publications may not get published when you think they should.

Configuring remote administration

When you configure remote administration, the first screen you see is the Configure SSH screen, which prompts you to type an address for ssh command line access.

The Setup utility prompts you to enter a single IP address, or a range of IP addresses, from which the GLOBAL-SITE Controller can accept administrative connections (either remote shell connections, or connections to the GLOBAL-SITE web server). The following example demonstrates how to specify a range of IP addresses and allows remote administration from all hosts on the 192.168.2.100 subnetwork:

192.168.2.*

Configuring services

Choose to configure any or all of the following:

• Telnet
  Turn Telnet on or off, and set allowed hosts for Telnet. The default is off.
• FTP
  Turn FTP on or off. The default is off. Turning FTP on enables FTP access to the GLOBAL-SITE Controller, therefore we recommend you choose to keep FTP turned off.

Configuring settings for the management web server

The GLOBAL-SITE web server requires that you define a domain name for the server, a user ID, and a password. The GLOBAL-SITE web server hosts the web-based Configuration utility. The information that you configure in these screens allows you to access the Configuration utility from a web browser on your workstation.

The Setup utility guides you through a series of screens to set up web server access:

• The first web server screen prompts you for a user name (the default is gsite) and a password. The password does not show on screen as you type it. The utility prompts you to enter the password again for confirmation purposes.
• The next web server screen prompts you to set web access. Enter the IP addresses that are permitted access to your web-based user interface, or type all to allow all access.
• The certification screen prompts you to enter the management port number (the default is 443), country, state, city, company, and division information used for the authentication certificate.

Configuring GLOBAL-SITE web server passwords

You can add additional web users or change the password for this web user account with the ITCMconsole webuser command. See webuser, on page 6-35 for more information.

Configuring the LDAP server

The GLOBAL-SITE Controller uses LDAP authentication. You have the choice of setting up a common authentication and authorization data store locally for the GLOBAL-SITE Controller, or using a remote LDAP server that you have already configured. Choose Standalone or Master server if the controller is to be the local LDAP server, or Remote LDAP server if you already have an LDAP server you want to use. If you choose a remote LDAP server, you must provide the host name and password for that server.

Defining a gsite password

Enter a password that is between 6 and 15 characters long. You only use the gsite password when you log into the GLOBAL-SITE Controller as gsite to access the GLOBAL-SITE command line utilities. Those utilities are separate from the ITCMconsole command line utility. You can configure everything you need on the web-based user interface or from the ITCMconsole and should rarely, if ever, need to access this other command line utility.

Entering the GLOBAL-SITE Identifier

You should have received a GLOBAL-SITE Identifier from your support representative. Type that number here. If you do not have an Identifier, please contact Technical Support.

Confirming your configuration settings

At this point, you have entered all the configuration information, and now you confirm each setting. Each confirmation screen displays a setting and prompts you to either accept or re-enter it. If you choose to edit the setting, the utility displays the original configuration screen in which you defined the setting the first time. When you finish editing the item, you return directly to the Confirmation screen for that item, and continue the confirmation process. Note that once you accept a setting in the Confirmation screen, you do not have another opportunity to review it before the commit phase.

You confirm or edit the settings in the same order that you configured them. Once you have confirmed the last setting, the Setup utility moves directly into the commit phase, where you are not able to make any changes.

Committing your configuration settings to the system

Once you confirm all of the configuration settings, the Setup utility saves them. If you want to change any information at a later time, you can change certain settings in the web-based user interface, or you can change the settings using the ITCMconsole command line utility.

Accessing the Configuration utility

After you run the Setup utility and the controller reboots, you can access the Configuration utility and the ITCMconsole command line interface.

You access the Configuration utility by typing the IP address or host name of your GLOBAL-SITE Controller in the address box of a browser, for example: https://mygsite.dev.net. If you are running the GLOBAL-SITE option on an EDGE-FX Cache, you must add a colon (:) and the port number (8443) to the IP address or host name, for example: https://myedge.dev.net:8443.

Note: Be sure to use the secure https:// or you cannot access the controller.

To access the ITCMconsole command line interface you must be logged in as the root user. From the command prompt, type ITCMconsole, to open the ITCMconsole shell. For more information about the ITCMconsole, please see chapter 6, ITCMconsole Command Line Interface .