Cisco Cisco Clean Access 3.5
2-11
Cisco Clean Access Manager Installation and Administration Guide
OL-7044-01
Chapter 2 Installing the Clean Access Manager
CAM/CAS Connectivity Across Firewall
CAM/CAS Connectivity Across Firewall
The Clean Access Manager uses RMI for parts of its communication with the Clean Access Server,
which means it uses dynamically allocated ports for this purpose. For customer deployments that have
firewalls between the CAS and the CAM, Cisco recommends setting up rules in the firewall that allow
communication between the CAS and CAM machines, that is, a rule that allows traffic originating from
the CAM destined to the CAS (and vice versa).
which means it uses dynamically allocated ports for this purpose. For customer deployments that have
firewalls between the CAS and the CAM, Cisco recommends setting up rules in the firewall that allow
communication between the CAS and CAM machines, that is, a rule that allows traffic originating from
the CAM destined to the CAS (and vice versa).
For release 3.5(x), TCP ports 80, 443, 1099, and 32768~61000 (usually 32768~32999 are sufficient) are
required.
required.
Access the CAM Web Console
The Clean Access Manager web administration console is the web interface for administering the Cisco
Clean Access deployment. The CAM includes a preconfigured web server, so you do not have to set up
a web server to start using the web console.
Clean Access deployment. The CAM includes a preconfigured web server, so you do not have to set up
a web server to start using the web console.
To open the web admin console:
1.
Launch a web browser from a computer accessible to the Clean Access Manager by network. The
web console supports Internet Explorer 6.0 or above.
web console supports Internet Explorer 6.0 or above.
2.
In the URL field, type the IP address of the Clean Access Manager machine (or the host name if you
have made the required entry in your DNS server).
have made the required entry in your DNS server).
3.
If using a temporary SSL certificate, the security alert appears and you are prompted to accept the
certificate. Click Yes to accept the certificate. (If using signed certificates, this security dialog will
not appear.)
certificate. Click Yes to accept the certificate. (If using signed certificates, this security dialog will
not appear.)
4.
The Clean Access Manager License Form appears (see
5.
Browse to the license file you received in the Clean Access Manager License File field and click
the Install License button. For further details on Cisco Clean Access licensing, see
the Install License button. For further details on Cisco Clean Access licensing, see
Caution
It is recommended to obtain a permanent license before continuing with full-scale deployment. Trial
licenses are intended for evaluation purposes and expire after a pre-determined period of time. Once a
license expires, the elements of Cisco Clean Access will not be able to start. Contact a Cisco
representative to purchase a permanent license or trial extension.
licenses are intended for evaluation purposes and expire after a pre-determined period of time. Once a
license expires, the elements of Cisco Clean Access will not be able to start. Contact a Cisco
representative to purchase a permanent license or trial extension.
6.
Once the license is accepted, the web admin console login window appears (
). Type the
username admin and default web admin user password cisco123, and click Login.