You are on page 1of 51

Acceptance Test Plan

Version 1.0
March 11, 2015

Bridgewater ATP

Version 1.0

The manufacturer (MFR) reserves the right to make changes to this document and the products which it describes without notice. The
MFR shall not be liable for technical or editorial errors or omissions made herein; nor for incidental or consequential damages resulting
from the furnishing, performance, or use of this material or of the accompanying Software or any files derived from the Software.
Bridgewater Systems Corporation
303 Terry Fox Dr.
Suite 500
Ottawa, Ontario
Canada K2K 3J1
Phone: +1 613 591-6655
Fax: +1 613 591-6656
http://www.bridgewatersystems.com
Bridgewater Systems Technical Support
North America: 1-877 943-3772
Mexico: 00-1-800-514-3772
International: 1-800 943-37726
support@bridgewatersystems.com
Bridgewater and the Bridgewater logo are trademarks of Bridgewater Systems Corporation.
Other company or product names referenced may be the trademark or registered trademark of their respective
companies.
©1997-2007 Bridgewater Systems Corporation. All rights reserved.

Table 1.

Revision History

Date

Release

Version

Comments

March 11, 2015

1.0

1.0

Original

Related Bridgewater documents
AAA Service Controller API Guide
AAA Service Controller User Guide
Bridgewater Installation Guide
Bridgewater SNMP Guide
Master Glossary
Monitoring and Logging User Guide
Oracle Database Reference Guide
Resource Management Server User Guide
Revenue Collector and Formatter Administrator Guide
Service Manager User Guide
These documents are available on the Bridgewater external web site:
www.bridgewatersystems.com.

Release 1.0

March 11, 2015

Page 2

Bridgewater ATP

Version 1.0

Contents
Introduction.................................................................................................................... 4
Prerequisites...................................................................................................................... 4
Time required..................................................................................................................... 4
Documentation................................................................................................................... 4
Customer-specific packages....................................................................................4

Pre-installation tasks.....................................................................................................5
Jumpstart the servers........................................................................................................ 5
Verify the DVD or FTP site contents..................................................................................5
Create a directory for the packages...................................................................................5
Copy the packages and scripts from the DVD or FTP site.................................................5
Operating system setup check lists...................................................................................6
Remote access......................................................................................................... 6
Server information................................................................................................... 6

Install the Oracle database............................................................................................7
Install the database package.............................................................................................7
Start or stop the daemon................................................................................................... 7
Verify the database type and confirm that it responds to requests....................................7
Check for broken database jobs, including replication and purging jobs...........................8
Check the log file............................................................................................................... 8

Install the packages.......................................................................................................9
TimesTen database............................................................................................................ 9
RMS................................................................................................................................. 10
SNMP.............................................................................................................................. 10
Verify the SNMP process........................................................................................11
Check the MIBs...................................................................................................... 11

March 11, 2015

Page 1

Bridgewater ATP

Version 1.0

Installation troubleshooting........................................................................................12
Shutting down the server................................................................................................. 12
Destination for email messages.......................................................................................12
BWSraddmu.................................................................................................................... 13
BWSwsoc Oracle Client package....................................................................................13

Set up the server for testing.......................................................................................14
Configure the Provisioning Server...................................................................................14
Verify the Provisioning Server process............................................................................17
Verify the Provisioning CLU API......................................................................................17
Configure the Accounting Framework..............................................................................18
Verify the Accounting Framework process.......................................................................19
Verify the RADIUS process.............................................................................................. 19
Install the Service Manager............................................................................................. 20
Verify access to the Service Manager.............................................................................21
Verify database replication............................................................................................... 22

Test the installation......................................................................................................23
Configure a PDSN........................................................................................................... 23
Create the DEFAULT Service Profile...............................................................................24
Configure Profiles and a User.......................................................................................... 25
Create a Gold User Profile Set in the organization you just created...............................26
Create a Gold User.......................................................................................................... 26
Configure and run tracetool............................................................................................. 28
Add a tracetool client............................................................................................. 28
Start tracetool......................................................................................................... 28
Run radtest...................................................................................................................... 29
View accounting records.................................................................................................. 36

Page 2

March 11, 2015

Bridgewater ATP

Version 1.0

Verify RADIUS operation using radtest............................................................................37
Verify tracetool operation using radtest...........................................................................37
Verify radpet operation..................................................................................................... 38
Verify the monitoring operation........................................................................................ 38
Verify the Oracle backup operation..................................................................................38
Verify accounting flat file generation................................................................................39
Verify SNMP query functions........................................................................................... 39
Verify system operation after a reboot.............................................................................39

Appendix A................................................................................................................... 40
Middleware Server........................................................................................................... 40
Verify the Middleware process...............................................................................40
Web and FTP Server....................................................................................................... 41
Verify the Web server process...............................................................................41
DHCP Server (Client Configuration)................................................................................41
Application Authorization Server (AppAuth)....................................................................42
LDAP Integration.............................................................................................................. 42
RADIUS Proxy................................................................................................................. 42
System Monitoring (Monitoring Utility – BWSbmon).......................................................42
Session State Register (SSR).......................................................................................... 42
Prepaid Integrator (PPI)................................................................................................... 43
Prepaid operation................................................................................................... 43
Postpaid operation................................................................................................. 44
CALEA Controller............................................................................................................. 44
Calea TimesTen database......................................................................................44

Installation Acceptance Form......................................................................................45

March 11, 2015

Page 3

2015 . based on package and component dependencies. This is especially useful if you don’t use default names and passwords and need to remember them later. It is not intended to verify all functionality in Bridgewater products. see the applicable installation and user guides. The ATP includes installation procedures.0 Introduction The purpose of this Acceptance Test Plan (ATP) is to verify the installation and general operation of Bridgewater products. Documentation We recommend that you print a copy of the Bridgewater Installation Guide to assist you with the installation process. depending on the problems encountered and the skill level and experience of the tester. basic configuration procedures.Bridgewater ATP Version 1. The following chapters are especially useful: Chapter 1: Component packages This chapter lists all the packages required for each Bridgewater component. Prerequisites To be able to successfully perform the installation. a review of the documentation for the applicable products. Page 4 March 11.  Common Unix commands  Solaris operating system Time required Execution can be accomplished in as little as 2-4 hours but may take longer. configuration. Chapter 4: Installation checklists This chapter contains checklists for recording any information requested during the installation. and basic test tools and utilities. They are listed in the order in which they should be installed. Chapter 6: Package installation This chapter contains all known package prompts. and an understanding of the system architecture). and execution of the test tools and utilities described in this ATP. the following skills are recommended:  Some familiarity with Bridgewater products (for example. Customer-specific packages For information about installing customer-specific packages.

Bridgewater ATP Version 1. Note: All local hard disks are erased during the jumpstart procedure. rather than installing the operating system from scratch. Make sure you back up any data that you want to keep before you begin. You can use the pre-installation script to jumpstart with a flash image. you may want to clean the test platforms and install fresh copies of the operating system and recommended patches. March 11. This takes less time and is the preferred method to guarantee a properly installed operating system. or connect to the FTP server that contains the files and copy them to the directory on your server. Verify the DVD or FTP site contents Verify that the list of packages corresponds to the release list and matches the list in the Bridgewater Installation Guide. Create a directory for the packages Connect to your server and create a directory for the packages and executables. Copy the packages and scripts from the DVD or FTP site Insert the DVD into the drive and copy the files to the directory you created on your server.0 Pre-installation tasks This section describes the tasks required or recommended before you start the installation. 2015 Page 5 . Jumpstart the servers Before you start the installation and test execution.

0 Operating system setup check lists Remote access General VPN client VPN username VPN password VPN endpoint IP address Server access (SSH) AAA SC 1 IP AAA SC 1 access username AAA SC 1 access password AAA SC 1 root username AAA SC 1 root password AAA SC 2 IP AAA SC 2 access username AAA SC 2 access password AAA SC 2 root username AAA SC 2 root password Server information OS version OS server model OS CPU OS memory OS cluster patches Partioning Network interfaces Hosts Crontabs NTP Policies Page 6 March 11. 2015 .Bridgewater ATP Version 1.

Z 4. so that you can respond appropriately to the prompts: MDEF.0 Install the Oracle database Install the database package Install either the Oracle Enterprise (BWSwsoe) or Oracle Standard (BWSwsos) database package.oracle 3. Log in as root 2. it should also show the replication status. 2. see the Oracle Database Reference Guide. For an MDEF database.sh The result should show the database type. 1. Install the database: pkgadd –d <package_name> Below are the most common commands for checking the Oracle database. Move to the directory where the database package is located: cd /<dirctory_name> 3./servertype. Change to the Widespan scripts directory: cd /widespan/scripts 4. March 11. Start or stop the daemon /etc/init. You must unzip these packages before you install them.d/oracle start or /etc/init. For more information. Determine the type of Oracle database to be installed.d/oracle stop Verify the database type and confirm that it responds to requests 1. Master. 2015 Page 7 . Unzip the package: gunzip <package_name>.Bridgewater ATP Version 1. Switch to Oracle user: su . Snapshot. Verify the Oracle database type: . which should be NORMAL. or Standalone.

Log in as root 2.log To verify that the processes are running. including replication and purging jobs 1. type: ps –ef|grep ora Page 8 March 11. Check the log file tail -100f /u01/app/oracle/admin/wsp/bdump/alert_wsp. 2015 .oracle 3.0 Check for broken database jobs. Access SQLPLUS: sqlplus r6 r6 4.Bridgewater ATP Version 1. Switch to Oracle user: su . At the sql prompt. type: select count (*) from dba_jobs where broken = 'Y'. The count should be 0 for each server.

then type its number and press Enter. The database script package installation may take up to an hour. 4 Repeat step 3 until all desired packages have been installed.. a messages is displayed stating that BWS<package_name> has been installed. Do one of the following: a If the package appears in the list. For more information. Note: In Solaris 8. 2015 Page 9 . type: tail -100f /var/adm/messages To verify that the processes are running. To start or stop the daemon.Bridgewater ATP Version 1. type: ps –ef|grep Times March 11. you must run the setup script after the package has been installed: cd /TimesTenSoftware . after a package has been installed.d/tt_tt51 stop To check the log file. press Enter. The list does not appear automatically in Solaris 10. the beginning of the package list is automatically displayed.sh –record /TimesTenSoftware/install. type: /etc/init.log Below are the most common commands for checking the Oracle database. see the AAA Service Controller User Guide.d/tt_tt51 start or /etc/init. TimesTen database If you are installing the TimesTen database package. type Crt-D.0 Install the packages This section provides the high-level instructions. b Note: For more packages. For detailed information. see the Bridgewater Installation Guide. After each package installation. 1 Move to the /stage/ directory: cd /stage/ 2./setup. Find the required package pkgadd -d /<directory_name> 3.

see the RMS User Guide. type: tail -100f /var/adm/messages To verify that the processes are running. When the SNMP package. To access the host configuration file for editing. is installed. registration and deregistration of subagents and their MIB metrics. you may want to keep this number at or under 128.conf To start or stop the daemon.conf To start or stop the daemon. Valid values are between 10 and 2048. For more information. authentication. you will see a prompt for the size of the TimesTen database in megabytes. When you install the BWSwsrms package. the SNMP master agent allows each application running on the server to register its own SNMP MIBs with the MIB browser or SNMP management system. you may want to keep this number at or under 128. type: /etc/init.Bridgewater ATP Version 1. or instead of. including the agent protocol engine.d/wsrms stop To check the log file. To access the SNMP configuration file for editing. In addition. see the Bridgewater SNMP Guide. Valid values are between 10 and 2048. type: /Widespan/config/rmshosts.0 RMS The Resource Management Server (RMS) tracks the global use of dynamic resources such as active dial-up sessions across the network.d/wsrms start or /etc/init. the standard Solaris agent is selected. BWSsnmp. including the system and SNMP groups of MIB-II and the tables associated with SNMPv2* security. type: /Widespan/snmp/config/agt/snmpd. privacy.conf To access the RMS configuration file for editing. the option to run the SNMP master agent in addition to. Below are the most common commands for checking the SNMP functionality . type: /etc/init. 2015 . and access control. The SNMP master agent provides the same core agent services as the Solaris agent.d/wssnmpd start or /etc/init. type: /Widespan/config/rms/rms. plus support for some MIB objects. For smaller servers. When you install the BWSwsrms package. and trap event processing. For more information. type: ps –ef|grep rms SNMP Bridgewater products communicate with the SNMP master agent for authentication. Below are the most common commands for checking the RMS. authorization and access control for SNMP requests. authorization. For smaller servers.d/wssnmpd stop Page 10 March 11. you will see a prompt for the size of the TimesTen database in megabytes.

2015 Metric Metric increase radiusAuthServTotalAccessRequests 1 radiusAuthServTotalAccessAccepts 1 radiusAuthServAccessRequests 1 radiusAuthServAccessAccepts 1 radiusAccServTotalRequests 2 (1 each for acct start & stop) radiusAccServTotalResponses 2 (1 each for acct start & stop) radiusAccServRequests 2 (1 each for acct start & stop) radiusAccServResponses 2 (1 each for acct start & stop) Page 11 . Stop SNMP: /etc/init. Using radtest (see the section on using radtest on page 24). Using your MIB browser or SNMP management system. type: ps –ef|grep snmp Verify the SNMP process Make sure that the SNMP daemon stops and starts correctly. check that the following metrics are incremented correctly: March 11. 1. You should see "SNMP Subagent successfully connected to Master Agent" in the log. In the first window. start SNMPr: /etc/init. Log in as root. Confirm in the message log that the daemon starts up. Open a second window to monitor the SNMP messages: tail -100f /var/adm/messages 4. 2.Bridgewater ATP Version 1. send an authentication request.d/wshsnmpd stop 3. type: tail -100f /var/adm/messages To verify that the processes are running.d/wssnmpdstart 5. Check the MIBs To check that the MIBs are properly installed and that metrics are properly incremented for a successful authentication request : Stop and restart the Master Agent to reset the SNMP metrics.0 To check the log file.

4 /etc/cron. you are asked for an email address as the recipient of alert messages. 2015 .d/logchecker 10 3 * * 0 /usr/lib/newsyslog 15 3 * * 0 /usr/lib/fs/nfs/nfsfind Page 12 March 11. Shutting down the server Solaris parameters must be updated during Solaris 8 installation of the following packages:  BWSwsoe—Oracle Enterprise  BWSwsos—Oracle Standard  BWSwstt—TimesTen database  BWSwssts—Session Director The basic instructions are the same.orig cp /tmp/system. edit crontab.0 Installation troubleshooting This section describes some of the problems you may encounter and how to resolve them. T avoid a continuous stream of emails. but the /tmp directories are different: cp /etc/system /etc/system.pl in crontab. Do the following after installing the BWSmon package: csh setenv EDITOR vi crontab -e Comment out (#) the line that runs monitor. # 10 3 * * 0. # # The rtc command is run to adjust the real time clock if and when daylight savings time changes.<depends on the package>/etc/system /usr/sbin/shutdown -y -g0 -i6 Destination for email messages Several times during the installation. Use an appropriate address to avoid flooding an unintended email address. The root crontab should be used to perform accounting data collection.Bridgewater ATP Version 1.

Remove the package and clean up.27.tab — /var/opt/bws/db.0 1 2 * * * [ -x /usr/sbin/rtc ] && /usr/sbin/rtc -c > /dev/null 2>&1 30 3 * * * [ -x /usr/lib/gss/gsscred_clean ] && /usr/lib/gss/ gsscred_clean 0 * * * * /usr/sbin/ntpdate time.31.3.59 * * * * [ -x /WideSpan/mon/ monitor. 2015 Reboot the server. Oracle Client is used to communicate with the database from a remote machine.com #1. Page 13 .49.33.53.bridgewatersys. Unless you know that you need this package and how to configure the files.43 .9. use one of the two recovery modes: 1.29. 45.pl > /de v/null 2>&1 To save the changes and exit the vi editor.5. type: :wq! BWSraddmu This is an optional package. BWSwsoc Oracle Client package BWSwsoc is the Oracle Client package.51. 2.Bridgewater ATP Version 1.13.57. If you have installed this package on the same database.55.37.bridgewatersys. we recommend against installing it.41.23. Jumpstart the server and start from the beginning.15.25. Installing this package creates a number of changes in configuration files that may make it more difficult to complete the testing.7. required only if you are implementing the DMU feature.19.pl ] && /WideSpan/mon/monitor.17.21.11. it should not be installed on the same server as the database.47.info — /redo* c March 11. using the following procedure: a Remove the offending package: pkgrm BWSwsoc b Delete the following files: — /var/opt/oracle/ora.35. therefore.com 0 * * * * /usr/sbin/ntpdate time.39.

you must change the line: <url>jdbc:oracle:oci:hostname202</url> to use this format: Page 14 March 11.0”> <datasource> <user-name>r6</user-name> <password>r6</password> <driver>oracle. The Provisioning Server is configured using the service. you will find instructions to:  configure the Provisioning Server  Framework configure the Accounting  verify the RADIUS processes  install the Service Manager  verify database replication Configure the Provisioning Server The Provisioning Server is used to send and receive requests to and from the AAA Service Controller Oracle database. you must configure the Provisioning Server configuration files and start the process as described below.OracleDriver</driver> <url>jdbc:oracle:oci:@localhost:6136</url> <timeout>10</timeout> <min-pool-size>10</min-pool-size> <max-pool-size>20</max-pool-size> </datasource> </server> a Make sure the hostname (highlighted in bold above) is correct. Determine if the Provisioning Server is running: ps -ef | grep provs If the Provisioning Server process is running. These values can be changed later using the changedbpass script. b Verify that the user-name and password for the database are correct.Bridgewater ATP Version 1.jdbc.0 Set up the server for testing In this section. If you are using a remote Oracle database.xml file. Move to the Provisioning Server configuration file directory: cd /WideSpan/config/provserver 3.xml file. proceed to “Configure the Accounting Framework”. Note: c The installation of the AAA Service Controller uses r6 and r6 as the default user and password. If so. 1. As the root user: <server version=”3. Edit the server. one parent and two child processes should be returned. If no processes are returned. 2015 . 2.

--> <bind-address>*</bind-address> <!-.jdbc.Restrict binding of ports to an IP address/hostname or allow ports to bind to all interfaces(*).0 <url>jdbc:oracle:thin:@hostname202:1521:wsp</url> Below is an example of the server.Shared secret required to decrypt ARC4 requests and encrypt responses sent via HTTP.Bridgewater ATP Version 1.1</host> </user> <user> <principal>middleware</principal> <credentials>middleware</credentials> <role>OSS</role> <role>MiddlewareClient</role> </user> March 11.xml file: <server version="3. Clients that use ARC4 over HTTP MUST be configured with the same shared secret.OracleDriver</driver> <url>jdbc:oracle:thin:@localhost:6136:wsp</url> <timeout>10</timeout> <min-pool-size>1</min-pool-size> <max-pool-size>10</max-pool-size> </datasource> <access-control> <user> <principal>admin</principal> <credentials>admin</credentials> <role>Administrator</role> <host>127.0"> <name>kansparc6136</name> <role>Master</role> <timeout>15</timeout> <!-.Configure port to listen for HTTP requests --> <port>32000</port> <!-. 2015 Page 15 .configure http transport --> <transport name="http"> <!-. --> <shared-secret>johnson</shared-secret> <!-.0.Configure port to listen for HTTPs requests --> <secure-port>32001</secure-port> <!-.Configure thread pool boundaries --> <min-threads>10</min-threads> <max-threads>256</max-threads> </transport> <datasource> <user-name>r6</user-name> <password>r6</password> <driver>oracle.0.

bridgewatersystems.request"> <log-level>ERROR</log-level> </log> <log-handler class="com.common.Bridgewater ATP Version 1.0 <user> <principal>uatadmin</principal> <credentials>uat</credentials> <role>OSS</role> </user> <user> <principal>smclient</principal> <credentials type="secret"/> <role>OSS</role> </user> </access-control> <snmp> <nms><host>localhost</host>< <port>162</port></nms> </snmp> <logging> <log name="server"> <log-level>INFO</log-level> </log> <!-.SyslogEventHandler"> <properties> <property name="syslog.To enable request/response logging set the log level to INFO. --> <log name="server.facility" value="local7" /> </properties> </log-handler> <!-.comm.hostname" value="localhost" /> <property name="syslog.name" value="provserver" /> <property name="syslog. 2015 .Uncomment to enable file logging(useful for debugging) Page 16 March 11.logging. To disable set to ERROR.port" value="514" /> <property name="syslog.

xml file. use the Command Line Utilities (CLU) API: 1. Stop Provisioning: /etc/init. you can check the Provisioning Server process. In the first window. Log in as root. 2. 1. 2015 Page 17 .filepath" value="/WideSpan/logs/provserver.0 <log-handler class="com.append" value="false" /> </properties> </log-handler> --> </logging> </server> Verify the Provisioning Server process When you have configured and verified the service. Open a second window to monitor the Provisioning Server messages: tail ­100f /var/adm/messages 4. To make sure that the Provisioning server daemon stops and starts correctly.bridgewatersystems. Log in as root.file.Bridgewater ATP Version 1. You should see "localhost provserver: server INFO ready" at the end of the log. The response from the API should be: OK|root|||| March 11. Verify the Provisioning CLU API To make sure that the Provisioning server responds.common. Change to the Widespan directory and send the message: cd /Widespan/vip . run the following commands. Confirm in the message log that the daemon starts up.log" /> <property name="log./nasauth/Widespan/config/vipclient.FileLogHandler"> <properties> <property name="log.d/wsprovs stop 3.conf root null root 3. start Provisioning: /etc/init.logging. 2.d/wsprovs start 5.

copy the standalone version of the acctfwk.xml file is present in the /Widespan/config directory: ls If the file is not present. In addition. 2015 . which must be removed: chmod 600 buffer_config. ls If the file is not present.xml /WideSpan/config/acctfwk.xml file: cp /WideSpan/acctfwk/config.xml file is present in the /Widespan/config directory. the Accounting Framework must have a configured acctfwk.xml file in the /WideSpan/config directory.1 widespan ws 737 <date and time> buffer_config. and configuration and operation instructions.xml Check if the acctfwk. Check to see if the buffer_config.xml file: cp /WideSpan/acctfwk/config.xml Change the ownership and group for the buffer_config.xml Page 18 March 11.xml The following should be displayed: <-rw -------.template/ buffer_config_radius_standalone.0 Configure the Accounting Framework There are three basic configuration options for the Accounting Framework:  using RC&F) write the files locally (if you are not  locally install the RC&F server functions  RC&F server create a stream to send to a remote For information about deployment options.xml file: chown widespan:ws acctfwk.xml /WideSpan/config/ buffer_config. see the Revenue Collector and Formatter Administrator Guide.template/ STANDALONE_acctfwk.xml file: chown widespan:ws buffer_config.xml Verify the change: ls –l buffer_config.xml Change the ownership and group for the acctfwk.xml Verify the change: ls –l acctfwk.Bridgewater ATP Version 1.xml If the output from the verification has an “x” in it. This section describes how to use the installed pre-configured files to accomplish this. the permissions include an executable. The RADIUS Server must have a buffer_config.xml file in the /WideSpan/config directory before the process can start. copy the standalone version of the buffer_config.

Open a second window to monitor the Accounting messages: tail ­100f /var/adm/messages 4.xml and the acctfwk.d/wsaradius stop 3.xml files.xml files. 2015 Page 19 . Confirm in the message log that the daemon starts up. Open a second window to monitor the RADIUS messages: tail ­100f /var/adm/messages 4. In the first window.Successful Database Connection to <database_name>" in the log. type: # ps -ef | grep radiusd # ps -ef | grep acctfwk March 11.1 widespan ws 452 <date and time> acctfwk.xml Verify the Accounting Framework process After you have created the buffer_config. which must be removed: chmod 600 acctfwk.0 The following should be displayed: <-rw -------. 2. You should see "WS_ConnectToDB -. In the first window.d/wsacctf start 5.d/wsradius start 5.d/wsacctf stop 3. make sure that the RADIUS daemon stops and starts correctly. 2.xml and the acctfwk. Confirm in the message log that the daemon starts up. start Accounting: /etc/init. the permissions include an executable. Log in as root. Log in as root. Stop Accounting: /etc/init.xml If the output from the verification has an “x” in it. Stop RADIUS: /etc/init. To verify that the processes are running. make sure that the Acounting Framework daemon stops and starts correctly: 1. as the root user. 1.Bridgewater ATP Version 1. start RADIUS: /etc/init. Verify the RADIUS process After you have created the buffer_config. You should see "Accounting Framework successfully started" in the log.

replication must be turned on. You should see the Middleware Server menu.sh replication_status 1. Double-click on the setup. Connect to the server using the following parameters: — Login Name = root — Password = root — Domain = null — Server = <server_name or address> — Port = 32001 If you have read-only access.sh replication_resume 3. 2015 . under Replication Group Status. enter y.exe file.Bridgewater ATP Version 1. Check the replication status: su . Page 20 March 11. Connect to Service Manager. restart the provisioning server. In the report. Close the Service Manager. resume replication: dbutil.widespan cd /database/widespan/scripts/dbutil dbutil. If replication is not turned on. When prompted to output the results. Install a license. you should see the following information: Group = WSP6 Status = NORMAL SCHEMA_COMMENT = Widespan WSP6 Replicated 2. If all you see is Apache docs.exe file for Service Manager from the server.0 Install the Service Manager Obtain the setup. select License > New. 4. On the main menu.

Enter the following: — Authentication Code = 73C7-AF21-3F7C-9EFE-0A63-980F-E064-9885 — Customer Name = Bridgewater — Distributor Name = Bridgewater — Maximum Subscribers = 100.0 5. Set the domain to "null". Click OK. 4. Verify access to the Service Manager After you have configured the Service Manager. 2015 Page 21 . Launch the Service Manager client from your PC. Set the port to "80".Bridgewater ATP Version 1. Log in as username "root". make sure that you can access it from your PC: 1. 6. 3.000 6. 2. Log in with the password "root". March 11. 5. Type in the IP Address or name of the server.

12. c) For the search criteria. Check the active user count on each server (they should match). type: select count (*) from usr where status = 'A'. Confirm that the user count on the second server has been dropped by 1 also. b) Click the Find Users button. Start the Service Manager client from your PC and add a user: a) Highlight the organization.0 Verify database replication In this procedure. 3. 2. c) Set the Username. 11. 4. (It may take a couple of minutes for the change to display. e) Click OK to save the changes. 8.oracle 5. e) Right click and select Delete to delete the user. Confirm that the user count on the first server has been incremented by 1. Confirm that the user count on the first server has been dropped by 1. Log in as root. 1. you will  add a user to the first server. Switch to Oracle user: su . and confirm that the user is deleted on the second server These steps will confirm whether the Oracle Snapshot replication is working properly. Delete the test1 user you just created: a) Highlight the organization. b) Click the Add User button. Open a terminal window on each server. and confirm that the user is replicated on the second server. perform both steps in both directions. 2015 . use Login Name = test1 and click Search. and Password to test1 d) Click Create. Login Name.) Page 22 March 11. Access SQLPLUS sqlplus r6 r6 6.) 10.  delete the user on the first server. In a multi-master replication scenario.Bridgewater ATP Version 1. 7. d) Highlight the row for user test1. (It may take a couple of minutes for the change to display. Confirm that the user count on the second server has been incremented by 1 also. At the sql prompt. 9.

March 11. 4. Page 23 . you will find instructions to:  configure a PSDN  create the DEFAULT Service Profile  configure Profiles and a User  Create a Gold User Profile Set  Create a Gold User  configure and run tracetool  run radtest  view accounting records  radtest verify RADIUS operation using  radtest verify tracetool operation using  verify radpet operation  verify the monitoring operation  verify the Oracle backup operation  verify accounting flat file operation  verify the SNMP query functions  reboot verify system operation after a Configure a PDSN Use the Service Manager to configure the PDSN for a CDMA environment: 1. Start the Service Manager and log in as root. Type the following information in the fields: Field Value IP Address IP address of your server Name Host name of the server Description Leave blank Shared Secret SECRET Vendor Name RFC2138 Model Name Leave blank Number of Sessions 100 Timezone GMT 5. 2. 3.0 Test the installation In this section.Bridgewater ATP Version 1. Select File>New>PDSN. Click the System tab. 2015 Click OK.

7. Click Apply Changes to apply the new PDSN to the system.Bridgewater ATP 6. Page 24 Version 1. Click Yes when the Save dialog is displayed. 2015 .0 March 11.

4. In the Default Edit Mode dialog box. click the Attribute Information tab and use the following values: Field Vendor Availability tab Value RFC2138 Attribute Availability tab Allow All 8. In the right pane. use the following values: Field Value Service Profile Name DEFAULT Service Class Name RADIUS Connection Service 5. 2015 Page 25 .Bridgewater ATP Version 1. select Root Organization>Service Profiles>Connection Services>Default. 9. 3. 2. 1. Select File>New>Service>Profile. 7. Click the Service tab. Highlight the Root Organization. March 11. 6. In the New Profile Set dialog box. Click Create. Click Yes to save the changes.0 Create the DEFAULT Service Profile Use the Service Manager to create the DEFAULT Service Profile before you create the Organizational Profile Set. Click OK.

7. 3. Select File>New>Profile Set. Click OK to close the dialog box for the new organization. click Yes. use the following values: Field 12. 2. 18. Click OK to close the dialog box. use the following values: Field Value Left pane DEFAULT Dictionary Attributes Session-Timeout Attribute Name value 14400 16. In the Add Organization dialog box. Click Create. click Yes. Select File>New>Organization. and Users. Value Organization Name <name of the organization> Association Domain Create New New Domain Name <name of the new domain> Profile Set <profile set name used in Step 4. In the New Profile Set dialog box. Click Create. select DEFAULT under the Connection Services. User Profile Sets. 10. 15. Highlight the Root Organization. In the right pane. In the New Profile Set dialog box.0 Configure Profiles and a User Use the Service Manager to create the Organization Profile set. use the following values: Field Value Name <profile set name> Profile Set Type Organization 5. right-click the new organization you just created and select Edit. 6. Page 26 March 11. 13. Click the Service tab. Click Add. Click OK. 14. 11. Click Add. In the organization dialog box. 9. 4. 17. 2015 .Bridgewater ATP Version 1. In the Save dialog box. 1. 8. A message is displayed to indicate that the new Profile Set has been created successfully. In the Save dialog box.

type golduser. 2. Login Name. In the left pane.” 7. select Gold. In the Save dialog box. Click Add. select the organization you created. click Yes. In the New Profile Set dialog box. 4. select DEFAULT under the Connection Services. select Session Timeout. 15. Click Create. 13. and Password. In the New Profile Set dialog box. For the Username. Click OK. Set the Attribute Name value to 14400. click Yes. In the Save dialog box. Click Add. 9. Dictionary Attributes Idle-Timeout Attribute Name value 3600 10. 12. Create a Gold User 1. use the following values: Field Right pane Value DEFAULT Click the Service Profile (DEFAULT) tab. 6. 6. The New Entity dialog box is displayed with the message “golduser has been created successfully. Click Create. 11. From the Profile Set dropdown menu. use the following values: Field Value Name Gold Profile Set Type User 4. Click OK. In the left pane. 2015 Page 27 . 3. 7.Bridgewater ATP Version 1. Click Add. In the left pane. 14. Select File>New>User. select the DEFAULT Connection Service. In the Gold – Edit Mode dialog box. 5. 3. From the Dictionary Attributes. select the organization you created in the previous procedure. the Attributes in Effect should show: March 11. 2. Select File>New>Profile Set. On the right side of the display.0 Create a Gold User Profile Set in the organization you just created 1. 8. 5.

Page 28 March 11.Bridgewater ATP Version 1.0 Idle Timeout 3600 Session Timeout 14400 Click OK to close the dialog box. 2015 .

Use the IP address of the machine where the AAA Service Controller software is installed.148. Run tracetool: .cfg –h <server_address> To stop tracetool./tracetool –f filter.68 TRACECLIENT 192. you must send the RADIUS Server a HUP signal so that it can reread the TRACECLIENT fields: pkill -HUP radiusd If you changed the PORT or TRACEBIND fields.Bridgewater ATP Version 1. you must restart the RADIUS Server.123. Use this tool to view incoming RADIUS packets.148.161. 1.143.67 #TRACECLIENT 192.0 Configure and run tracetool The RADIUS tracetool enables you to monitor RADIUS communication with NASs and other RADIUS Servers. 2015 Page 29 .168. Add a tracetool client Edit the traceclients file to add a traceclient for the IP address of the machine that runs tracetool. Below is an example of a traceclients file: #PORT 30000 #TRACEBIND 192.2 #CONNECTIONS 4 #TRACECLIENT 192.123. As the widespan user. The tracetool utility connects to the RADIUS Server as a client. press crtl+c. Start tracetool Note: You must start tracetool before you run radtest.36 After you have edited the traceclients file. You can run tracetool on the same host machine as the RADIUS Server or on a remote machine connected via TCP/IP. move to the tracetool directory: su – widespan cd /Widespan/testtools/ 2. The traceclients file is located in /Widespan/config/radius/traceclients. March 11.148.

168.Bridgewater ATP Version 1. Before you run the radtest example in this section. 2015 .0 Run radtest The radtest utility simulates a PDSN requesting authentication from the RADIUS Server.161. In this test.161.36 SECRET User-Name=golduser UserPassword=golduser NAS-Port=1 The following output is displayed: RADIUS IP address : 192. and the Accounting Stop records. for example: telnet hostname202 Move to the radtest directory: cd /Widespan/testtools/radtest Type the following command: . Open a second telnet session to complete the following steps: Log in as the widespan user to the Solaris Server where the AAA Service Controller is installed.36 Auth UDP Port: 1812 Acct UDP Port: 1813 User Interact: disabled Timeout Intvl: 120 Retry Count: 1 Acct Wait Int: 0 Page 30 March 11./radtest -Uv 192. you will:  user run the radtest utility as the gold  run radtest to mimic a full RADIUS session The example of radtest in this section prompts you three times to press Enter:  message to send the Access-Request  to send the Acct-Start message  to send the Acct-Stop message Note: Use the IP Address of the machine where the AAA Service Controller software is installed. telnet to the AAA Service Controller server and run the following command to view the incoming logs: tail -100f /var/adm/messages This will enable you to view the logs for the Authentication Request.168. the Accounting Start.

2015 Version 1.0 Page 31 .Bridgewater ATP March 11.

94| ========================================================== ===================== [ 1] <User-Name>=(golduser) 8Byte ------------------------------------------------------------------------------ Page 32 March 11.I. 2015 .36| 54022| 192.Port | | Req Initiator IP | R.3c.3c.0" The following log message is generated in the /var/adm/messages file: Aug 13 14:57:19 kansparc321 radiusd[478]: [ID 559039 local7.f1.2e.f1.168.1[5=1.57.info] INFO RADOP(102) auth for golduser from 192.3.161.61.2d.0.c2.16.3e.83.86.7.61.167.36.53.9c.2.1.86.0.55.H.0.69.0.c2.3.time = 1 seconds total time is >149< ms Class = "42.2f.1.55.Bridgewater ATP Version 1.cf.94 User-Name = “golduser” User-Password = “golduser” NAS-Port=1 ready to receive RADIUS auth response (1:1) Access Accepted .168.3b.69.0 Press Enter to send the Authentication Request.f.e.8e.] accepted with service: DEFAULT The following is the tracetool output: ========================================================== ===================== | Request Type R.0.0.0.7.3e.cf.36.1| ========================================================== ===================== | Timestamp of Attr | | Direction | Thread ID | Req ID | Vendor ID | # |17:13:30 27-Oct-2006| 3| IN| 51| 1| 0| ========================================================== ===================== | Authenticator Tracking ID | | 1| | e4.167.Port | Req Handler IP | | Access Request| 1812| 192.168. The following output is displayed: Sending Authentication Request (1:1) Sent Using Request Authenticator: e4.3b.9c.

57.07.16.bf.03.0 0.37.167.0a.03.87.fb.9d .Port | | 1812| | Req Initiator IP | R.5c.be.07.29.5b.9f.0 [ 2] <User-Password>=(db.16.01.00.2e.02.f8.00.13.1| 54022| 192.8a) 16Byte -----------------------------------------------------------------------------[ 5] <NAS-Port>=(1) 4Byte ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~ ========================================================== ===================== | Request Type R.53.1| ========================================================== ===================== | Timestamp of Attr | | Direction | Thread ID | Req ID | Vendor ID | # |17:13:30 27-Oct-2006| 6| OUT| 51| 1| 0| ========================================================== ===================== | Authenticator Tracking ID | | 1| | de.e9. 32.00) 22Byte -----------------------------------------------------------------------------[ 27] <Session-Timeout>=(14400) 4Byte ------------------------------------------------------------------------------ March 11.7.2f.255.59.39.00.a0.Port | Req Handler IP | Access Accept| 192.fc.H.Bridgewater ATP Version 1.168.167.01.32.254) 4Byte -----------------------------------------------------------------------------[ 25] <Class>=(42.168.0e.20.87.00.4d| ========================================================== ===================== [ 6] <Service-Type>=(Framed) 4Byte -----------------------------------------------------------------------------[ 7] <Framed-Protocol>=(PPP) 4Byte -----------------------------------------------------------------------------[ 8] <Framed-IP-Address>=(255.68.50.I.255. 2015 Page 33 .3b.e2.00.00.

] recorded OK.80.8d.07.0 Press Enter to send the Accounting Start Request. The following output is displayed: Sending Accounting start Request (3:1).00.1| 54022| 192.b0.00) 22Byte Page 34 March 11.168.57.73.af.20.00.168..I.00.1[5=1..71.167.168.57.00.167.1) 4Byte -----------------------------------------------------------------------------[ 25] <Class>=(42.00.03.53.d8.07.0 0.00.2) from 192.01.1| ========================================================== ===================== | Timestamp of Attr | | Direction | Thread ID | Req ID | Vendor ID | # |17:14:08 27-Oct-2006| 6| IN| 35| 3| 0| ========================================================== ===================== | Authenticator Tracking ID | | 2| | d9.16.59.time = 0 seconds START REQ: total time is >4< ms The following log message is generated in the /var/adm/messages file: Aug 13 14:46:20 <hostname>radiusd[478]: [ID 664437 local7.167.03.02.info] INFO RADOP(13) acct start for golduser (IP=10.0e.18. The following is the tracetool output: ========================================================== ===================== | Request Type R.H.8a.01. Sent ready to receive RADIUS acct start response (3:1) Received Accounting start Response .2f.a9. 2015 .168.Bridgewater ATP Version 1.168.Port | Req Handler IP | | Accounting Request| 1813| 192.Port | | Req Initiator IP | R.9f.152.167.5a| ========================================================== ===================== [ 1] <User-Name>=(golduser) 8Byte -----------------------------------------------------------------------------[ 5] <NAS-Port>=(1) 4Byte -----------------------------------------------------------------------------[ 8] <Framed-IP-Address>=(10.2a.

a0.1| 54022| 192.168.44.8a.Bridgewater ATP Version 1.5a.5e. 2015 Page 35 .96.I.9d.Port | | Req Initiator IP | R.4c.c4.167.167.d8.Port | Req Handler IP | |Accounting Response| 1813| 192.e7.83| ========================================================== ===================== March 11.a3.0 -----------------------------------------------------------------------------[ 40] <Acct-Status-Type>=(Start) 4Byte -----------------------------------------------------------------------------[ 44] <Acct-Session-Id>=(45423E3A-5F49A-0-1) 18Byte ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~ ========================================================== ===================== | Request Type R.39.a7.1| ========================================================== ===================== | Timestamp of Attr | | Direction | Thread ID | Req ID | Vendor ID | # |17:14:08 27-Oct-2006| 0| OUT| 35| 3| 0| ========================================================== ===================== | Authenticator Tracking ID | | 2| | 93.H.168.

Min = 149..a3.31.1| 54022| 192. 2015 . Max = 4. Min = 18.e7. Max = 171.167.H.168.. Failures = 0 Authentication Avg = 149 : Success = 1.15.Bridgewater ATP Version 1.168.1| ========================================================== ===================== | Timestamp of Attr | | Direction | Thread ID | Req ID | Vendor ID | # |17:14:37 27-Oct-2006| 12| IN| 51| 4| 0| ========================================================== ===================== | Authenticator Tracking ID | | 3| | a6.Port | Req Handler IP | | Accounting Request| 1813| 192.Port | | Req Initiator IP | R.58.167. Min = 171.f6.2) from 182.0227273 Cycles/Sec Call-Check(auth) : Success = 0.97.] recorded OK.a6.65. Max = 149. Accounting Start: Success = 1.35. The following output is displayed: Sending Accounting stop Request (4:1).168.2[5=1.I.0 Press Enter to send the Accounting Stop Request. Sent ready to receive RADIUS acct stop response (4:1) Received Accounting stop Response .17. : 5.61| ========================================================== ===================== [ Page 36 1] <User-Name>=(golduser) 8Byte March 11.35.info] INFO RADOP(13) acct stop for golduser (IP=10. Failures = 0. Min = 4. Max = 18.168.8f. Avg = 18 Overall Cycle : Success = 1/1. The following is the tracetool output: ========================================================== ===================== | Request Type R.152.time = 0 seconds STOP REQ: total time is >18< ms ==================== Final Result ====================== Request Rate: 0.88. Avg = 171 Cycles per Sec.152. Avg = 4 Accounting Stop: Success = 1.8479532 The following log message is generated in the /var/adm/messages file: Aug 13 14:58:20 <hostname> radiusd[478]: [ID 664437 local7.

167.00.00.01.1) 4Byte -----------------------------------------------------------------------------[ 25] <Class>=(42.00.59.H. 2015 192.I.00.03.0 -----------------------------------------------------------------------------[ 5] <NAS-Port>=(1) 4Byte -----------------------------------------------------------------------------[ 8] <Framed-IP-Address>=(10.167.168.07.07.0e.03.167.1| 54022| 192.00) 22Byte -----------------------------------------------------------------------------[ 40] <Acct-Status-Type>=(Stop) 4Byte -----------------------------------------------------------------------------[ 44] <Acct-Session-Id>=(45423E3A-5F49A-0-1) 18Byte -----------------------------------------------------------------------------[ 46] <Acct-Session-Time>=(67) 4Byte -----------------------------------------------------------------------------[ 49] <Acct-Terminate-Cause>=(554068) 4Byte -----------------------------------------------------------------------------[ 42] <Acct-Input-Octets>=(3456) 4Byte -----------------------------------------------------------------------------[ 43] <Acct-Output-Octets>=(7345) 4Byte -----------------------------------------------------------------------------[ 47] <Acct-Input-Packets>=(101) 4Byte -----------------------------------------------------------------------------[ 48] <Acct-Output-Packets>=(202) 4Byte ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~ ========================================================== ===================== | Request Type R.2f.57.Port | | Req Initiator IP | R.00.53.168.0 0.00.01.1| Page 37 .168.16.Port | Req Handler IP | |Accounting Response| 1813| March 11.Bridgewater ATP Version 1.02.

You can view this text file using a text editor. and the exact procedure to follow depends on your system architecture and whether flat files and correlated records are created locally or remotely.ab| ========================================================== ===================== View accounting records After you have successfully run the radtest example as the gold user.31.13:35:33.db.0 ========================================================== ===================== | Timestamp of Attr | | Direction | Thread ID | Req ID | Vendor ID | # |17:14:37 27-Oct-2006| 0| OUT| 51| 4| 0| ========================================================== ===================== | Authenticator Tracking ID | | 3| | eb.1f. for example: cd /Widespan/acctfwk/accountingfiles The Accounting Framework creates a filename using the current date and time.20.a9.93.ac.72. By default. 2015 . Here's an example command for viewing a file: more 2004-08-18.Bridgewater ATP Version 1.000000 Page 38 March 11.58. the location is /WideSpan/acctfwk/accountingfiles.xml file indicates the location of the flat files.b5. To view the contents of the accounting flat files: Log in as root to the Solaris Server where the Accounting Framework is installed. For example: telnet hostname202 Move to the destination directory for the flat files. you have accounting records generated into flat files.c8. Note: The Accounting Framework is installed on both the client and server side. The configuration in the acctfwk.20.d5.b7.

x.0 Verify RADIUS operation using radtest You can check the proper operation of RADIUS by sending an authentication request from one server to another.3 Calling-StationID=3334445555 Framed-IP-Address=77.77.77.com" User-Password="atp" NAS-IP-Address=3. Make sure there are no errors in /var/adm/messages.cfg -h <server_address> 5. 2. Open a terminal on each server for monitoring the oplog: tail -100f /Widespan/logs/oplog 3. 1. Run the same command on the second server. Open a window on the first server as root and run a radtest (using the correct IP and domain): su . add a test user for use with radtest. Create a tracetool filter: su . pointing to the first server.cfg 3. 8. Verify tracetool operation using radtest You can check the proper operation of tracetool by running radtest and confirming that the data can be captured using tracetool. Review the traceclients configuration. which is in /Widespan/config/radius/traceclients.3. 1./filter.widespan tcsh cd /tmp vi filter. Add the following to the filter: TARGET LOG=SCREEN 4. using the same command. March 11. Open a terminal on each server for monitoring the messages log: tail -100f /var/adm/messages 4. Make sure the radtest was successful. In the Service Manager. 2. Start the tracetool with the following command: /Widespan/testtools/tracetool/tracetool -f .x SECRET User-Name="atp@domain./radtest -v -t 5 U -p 1812 x. The oplog should show three lines: (1) auth accepted with service DEFAULT (2) acct start (3) acct stop 7. 2015 Also check the tracetool operation from the other server.Bridgewater ATP Version 1. Add a user with login name and password set to atp to the system. Page 39 .x.3.77 6. 5.widespan tcsh cd /Widespan/testtools/radtest .

2015 .0 In a separate window.Bridgewater ATP 6. Version 1. Page 40 March 11. run some radtests to confirm that the tracetool is capturing the data.

Log in as root. Check the proper policy routing for each user. 2015 Page 41 . Run the following commands on both the first and second server: su . 2. Review the following: a) crontab entry exists for Oracle backup b) backup type and frequency c) backup run time (should be set to off-hours) d) mechanism in place to trim the backups and the archive log files e) backup config file f) backup location g) confirm backups exists in backup location h) confirm trimming is operational by examining backup file dates March 11.0 Verify radpet operation Use this procedure to check the proper operation of the radpet tool and the configured policy files. Log in as root.oracle crontab -l 3.com /Widespan/radius/radpet -i <IP_address> -t auth User-Name=atp@domain2. 1. as well as one for a user that should be rejected. Run a test for a user that should be accepted. Switch to Oracle user: su .Bridgewater ATP Version 1.com Verify the monitoring operation Use this procedure to check the proper operation of monitoring tool and the status of the system. 2. Make sure the monitor runs clean and that all processes are running without errors: /Widespan/mon/monitor.widespan tcsh cd /tmp /Widespan/radius/radpet -i <IP_address> -t auth User-Name=atp@domain. 1.pl Verify the Oracle backup operation Use this procedure to check that the Oracle backups are running properly.

1.1. 2. based on the Acounting Framework configuration file (/Widespan/config/acctfwk.4. When the server is back up. 5. Make sure all processes started (using the monitoring function). Thread usage: /Widespan/snmp/bin/getone/-v1 <IP_address> string 1. 2.2. 2.3. Thread count: /Widespan/snmp/bin/getone/-v1 <IP_address> string 1. 1. Make sure that RADIUS is processing data on each server (using radtest).3. Navigate to the flat file location and check that there is a flat file running. Log in as root. Check that the Service Manager is accessible.1.6. 2015 . run the monitor to make sure the server runs properly: /Widespan/mon/monitor. Test the getone tool on each server: a.0 Verify accounting flat file generation Use this procedure to verify that CDR flat files are being generated.xml file.3631.3631. 1. b. 3. March 11.xml) and the vendor configuration file (/Widespan/config/radius/vendors.0 Verify system operation after a reboot 1.2.6. Review the closed flat file maintenance mechanism in the /Widespan/custom/bws_maintenance.2. 3. When the server has finished rebooting and the daemons appear to be back up.0 b.1.3631.4.pl On the first server.1.widespan tcsh /Widespan/radius/walkrad -er -i <IP_address> -p 161 -c string 3. Review the flat file configuration and generation criteria in the /Widespan/config/acctfwk. log in to the Service Manager and make sure that it is functioning properly.6.2.Bridgewater ATP Version 1.3. 6. 4.2.1. Test the walkrad tool on each server: su .2.2. Max thread usage: /Widespan/snmp/bin/getone/-v1 <IP_address> string 1.3.1.0 c.1.1.1. Verify SNMP query functions Use this procedure to make sure that you can perform an SNMP query on each server by testing the functionality of the walkrad and getone tools.xml).1. 4. Navigate to the archive location and check that there are historical flat files. a. Check the logs for any boot or daemon startup errors. check the message directory for errors: tail -100f /var/adm/messages d.1.sh file.4.1. Page 42 Reboot each server in turn (not simultaneously): Log in as root. Reboot the server: /etc/shutdown -g0 -i6 -y c.

March 11. Verify the logs for any errors. 8. Repeat steps 6 and 7 with the opposite server.Bridgewater ATP Version 1. 2015 Page 43 . Run a radtest from the second server and check that there is a proper response.0 7.

d/wsmwserver stop 14. start Middleware: /etc/init. 1.d/wsmwserver start 16. Confirm in the Middleware log that the daemon starts up. type: /etc/init. Open a second window to monitor the Middleware log: tail ­100f /Widespan/logs/mwserver. Log in as root. You should see "Listening on port 6100" at the end of the log. it may be necessary to increase the maximum number of connections. type: tail -100f /Widespan/logs/mwserver. The maximum number of connections is set in the middleware-service. If Service Manager clients frequently use up all available connections. To access the configuration file for editing. type: /Widespan/middleware/middleware. run the following commands. Middleware Server The Middleware Service supports all Service Manager clients.d/wsmwserver stop To check the log file. For more information. Stop Middleware: /etc/init. Use this part of the document to add functionality to be tested on an as-required basis.xml file. Note: Delete the sections that do not apply before asking the customer to sign off on the Acceptance Test agreement. Below are the most common commands for Middleware Server. 2015 .log To verify that the processes are running. When the maximum number of connections is reached. type: ps –ef|grep mid Verify the Middleware process To make sure that the Middleware daemon stops and starts correctly.0 Appendix A This appendix provides information for checking functionality that is optional. 13.log 15. The Middleware Service opens a new database connection every time a Service Manager window or form is opened.Bridgewater ATP Version 1. Service Manager administrators are not able to open any windows until a connection is freed. see the Service Manager User Guide. Open a browser to the Web server root: http://[web_URL] 17.properties To start or stop the daemon. In the first window. Page 44 March 11.d/wsmwserver start or /etc/init.

To access the configuration file for editing.conf To start or stop the daemon. type: /Widespan/config/http/httpsd. Start the Web server: /etc/init.d/wshttpd start or /etc/init. host name.exe). or identifier (usually the MAC address). March 11. The DHCP Server can model the client using the client’s IP address. such as User Self-Administration and User Self-Registration and to support database access for the Service Manager and Delegated Administration Manager. For more information. run the following commands. Stop the Web server: /etc/init. type: ps –ef|grep http Verify the Web server process To make sure that the Web server stops and starts properly and is operational.d/wshttpd stop To check the access log file. type: tail -100f /Widespan/logs/httpsd_error_log To verify that the processes are running. and that you can download the Service Manager client (setup. 18. type: tail -100f /Widespan/logs/httpsd_access_log To check the error log file. Open a browser to the Web server root: http://[web_URL] 21. Log in as root.0 Web and FTP Server The Web and FTP Servers are primarily intended for publishing and hosting users’ web sites. The Web Server is also installed on AAA Service Controllers to host web-based provisioning clients.d/wshttpd start 20. DHCP Server (Client Configuration) A DHCP Client is any network device that requires an IP address.d/wshttpd stop 19. see the Web and FTP Server User Guide. such as a personal computer. Confirm that you can navigate to the updater directory. 1. 2015 Page 45 . This determines how the user account models the login name. Each DHCP Client is represented by a user account in the Service Manager. Below are the most common commands for Web and FTP Server. type: /etc/init.Bridgewater ATP Version 1.

to authenticate a user against the Bridgewater Systems AAA Service Controller. The Logging Framework focuses exclusively on log messages and selectively routes messages to different files. such as WAP. based on the source application and the message priority. The user is authenticated once against the AAA Service Controller when they start a data session. or both. RADIUS Proxy The Bridgewater RADIUS Server can act as a proxy for authentication and accounting requests by forwarding messages from the NAS to a remote RADIUS server. Push-To-Talk. This bi-directional data flow-through allows administrators to make changes. Page 46 March 11. an administrator provisions each third-party application that a user can access LDAP Integration The LDAP Interface transfers user and service profile data automatically between the AAA Service Controller and the web browser server. Session State Register (SSR) The Session State Register (SSR) enables network applications. applications can retrieve the user information by querying the SSR. such as adding or changing user accounts.0 Application Authorization Server (AppAuth) The Application Authorization Server (AppAuth) allows third-party network applications to use the central user repository in the AAA Service Controller for user authorization. authorization or billing based on the retrieved user profile. Using the Service Manager GUI. As the user accesses various applications on the network. System Monitoring (Monitoring Utility – BWSbmon) Bridgewater provides several facilities for monitoring and troubleshooting components in the Bridgewater Systems product suite. in either system. When the Monitoring Facility detects an exception condition.Bridgewater ATP Version 1. administrators can suspend a user in the LDAP directory and this user is automatically suspended in the AAA Service Controller database. These network applications can retrieve user-specific profile information from the AAA Service Controller. based on the user IP Address. or SNMP traps. Define separate target servers for authentication and accounting. 2015 . it sends an alert message by email. For example. and the user information is stored in the SSR dynamic RMS database until such time as the session is terminated by the AAA Service Controller. and MMS servers. Each application can then perform its own authentication. SNMP trap. The SSR supports both CDMA and GSM. The Logging Framework provides a consistent mechanism for handling log messages across Bridgewater application components. the syslog daemon. which maps the user IP address to a user profile. The AAA Service Controller database provides a centralized repository for profile information. including the: The Monitoring Facility monitors processes and system state but can also monitor log files for specific message patterns. These changes are automatically transferred from one system to the other. as well as both IPv4 and IPv6.

type: ps –ef|grep pps Prepaid operation Typical tasks for verifying the prepaid operation are: March 11.0 Prepaid Integrator (PPI) The Prepaid Integrator. type: tail -100f /Widespan/logs/ppslog To check the lightbridge log file. type: tail -100f /Widespan/logs/lightbridge. For more information. To access the configuration file for editing. type: /etc/init. 2015  set up Service Profiles  set up User Profile Sets  create test Users  for test Users (using radtest) local authentication and accounting  accounting for test Users (using radtest) remote authentication and  test Users (from PDSN) authentication and accounting for  /Widespan/logs/oplog check the logs: Page 47 .d/wspps start or /etc/init. and the Resource Management Server (RMS) enables prepaid and postpaid/ subscription services. see the Prepaid Integrator Solution Guide.log To verify that the processes are running. along with your billing system. type: tail -100f /var/adm/messages To check the prepaid services log file. Below are the most common commands for Web and FTP Server. type: /Widespan/config/prepaid/pps-config. the AAA Service Controller.xml To start or stop the daemon.Bridgewater ATP Version 1.d/wspps stop To check the messages log file.

For detailed instructions about installing the CALEA Controller. operating with multiple SS8 Xcipio platforms. The CALEA Controller integrates into your network. Calea TimesTen database The CALEA Controller uses a 32-bit TimesTen database (other Bridgewater products use a 64-bit one). The CALEA database package is "BWSwstt32". The TimesTen setup script for the CALEA Controller differs slightly from the regular TimesTen setup script. the AAA Service Controller. 2015 . The CALEA Controller package is "BWSwscal".Bridgewater ATP Version 1. Page 48 March 11. and the Session State Register.0 Postpaid operation Typical tasks for verifying the postpaid operation are:  set up Service Profiles  set up User Profile Sets  create test Users  for test Users (using radtest) local authentication and accounting  accounting for test Users (using radtest) remote authentication and  test Users (from PDSN) authentication and accounting for  /Widespan/logs/oplog check the logs:  (local radtest) check accounting output to flat file  (remote radtest) check accounting output to flat file  (PDSN) check accounting output to flat file CALEA Controller The CALEA Controller is a secure standalone server that stores and maintains information related to all intercept targets under surveillance. see the Bridgewater Installation Guide.

2015 Page 49 . Date: Location: Product Release: Bridgewater Engineer: For and on behalf of: Organization Name Signature March 11. It is understood that further configuration and testing will continue.0 Installation Acceptance Form The undersigned hereby certifies the completion of the Installation Acceptance Test Plan and acceptance of the Bridgewater products. but that the product has been successfully installed and is available for normal use.Bridgewater ATP Version 1.