Cisco Physical Access Gateway User Manual
Browse online or download User Manual for Gateways/controllers Cisco Physical Access Gateway. Implementation of Cisco Physical Access Control Solution
- Page / 114
- Table of contents
- TROUBLESHOOTING
- BOOKMARKS
- Session ID-BRKSEC-2081 1
- Up to 64 2
- Access Gateway 3
- Client PC 3
- Product Overview 4
- Hardware Module Overview 6
- Gateway module connections 7
- Additional modules 8
- Video Integration 10
- Solution Details 11
- The CPAM server 12
- The CPAM server (continued) 13
- CPAM server Install 14
- Install continued 15
- NTP (Network Timing Protocol) 16
- High Availability for CPAM 17
- Cisco PAM High Availability 19
- Commands tab 20
- CPAM database backup 22
- CPAM database restore 23
- Licensing 24
- Cisco PAM Licensing Model 25
- License SKUs 26
- Hardware SKUs 27
- The Gateway Module 29
- POE for the Gateway 32
- SSL enabled by default. If 36
- Network tab also 36
- Additional module inventory 37
- Gateway Image management 38
- CAN bus layout 40
- Where do I get this ‘client’? 42
- Log in via the client 43
- Templates 45
- Flexible Door Template 47
- Credential template 49
- If the badge is known! 52
- Audit trails 53
- Device templates (Inputs) 54
- What is a supervised input? 55
- Generic Output 56
- Door Template 57
- Gateway Template 58
- Gateway Cloning 59
- Gateway module replacement 60
- Replace non Gateway module 61
- Disable/Delete function 62
- Creating the Door 63
- The door theory! 64
- Door Device Associations 65
- Deviations from the Templates 66
- Door Usage Profile 69
- Logical device locations 72
- 1.0.0(0.1.168) 74
- 74
- 74
- 74
- Gateway Bulk Image upgrade 75
- Schedules 77
- Gateway timezone 78
- Schedule example 79
- Schedule creation 80
- Policy creation 82
- Badge Access Level and Policy 84
- Badges continued 85
- Credential download 87
- Event Monitoring 89
- Used to trigger some action 90
- Examples: 90
- Turn on light or send email 90
- Global I/O 91
- The trigger 92
- The action 93
- Email notification TEST 94
- Email notification for events 95
- Sample email text 96
- Camera associations 98
- Alarms and video 100
- Troubleshooting the system 104
- Gateway Log collection 106
- Uploading logs to CPAM server 107
- CPAM log collection 110
- CPAM client logs 111
- Firewall considerations 112
- Additional features 113
Summary of Contents
Session ID-BRKSEC-2081Implementation of Cisco Physical Access Control
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID10Video Integration Video integration with Cisco VSM Suite:
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID100Alarms and video Once camera and door are associated, any
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID101User profile must be configured to show videoCPAM user pro
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID102Alarm can trigger live video popupAlarm caused by Door For
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID103The advantage of Gateway Cloning1. Doors Templates C
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID104Troubleshooting the system
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID105The infamous ‘show tech’ for CPAMShow Technical Support op
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID106Gateway Log collection Performed via CPAM client using Ga
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID107Uploading logs to CPAM serverLeft Click on the Gateway, th
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID108Moving file from the CPAM to client machine1Open Image Man
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID109Zipping and emailing the Gateway LogsOnce the files are on
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID11Solution Details
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID110CPAM log collection SSH (user and password needed) into t
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID111CPAM client logs Log is kept on the client machine where
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID112Firewall considerations TCP port 80 HTTP TCP port 4
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID113Additional features Graphic Maps with active ICONs Quick
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID114
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID12The CPAM server CPAM server is first device to setup and i
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID13The CPAM server (continued) Install and IP addressing HA
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID14CPAM server Install CPAM server comes pre-loaded from fact
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID15Install continuedUnder the Network panel, you are prompted
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID16NTP (Network Timing Protocol) Standards method to ensure a
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID17High Availability for CPAM Active Server ETH0 IP address
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID18High Availability for the CPAM server Type determined at i
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID19Cisco PAM High AvailabilityUtilizes LINUX-HA project for th
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID2Access Control Architectures of yesteryearSerial RS485Cables
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID20Stopping the CPAM server applicationStop option is availabl
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID21Software upgrades for CPAM server, CPAM is always upgraded
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID22CPAM database backupPerformed from the CPAM web interfaceBa
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID23CPAM database restoreCPAM server application must be stoppe
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID24Licensing Installed via WEB connection to CPAM active serve
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID25Cisco PAM Licensing ModelAdditional feature licenses availa
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID26License SKUsSKU DescriptionCIAC-PAME-BD= Badge Designer Lic
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID27Hardware SKUsSKU DescriptionCIAC-PAME-1125-K9 Version 1 CPA
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID28Gateway and associated modules Web Configuration Tool. Po
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID29The Gateway Module The second device to configure and inst
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID3Cisco Access Control Deployment ArchitectureCiscoAccess Gate
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID30Gateway module Web Configuration tool Eth0 IP Address assi
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID31NTP If NTP is not configured on the gateway , it will use
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID32POE for the Gateway GW POE budget can be used to power rea
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID33Sample of Single Door POE ConnectionWeigand Reader Reader
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID34Weigand slot wiring on Gateway or Reader modules.Chassis La
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID35Initial configuration of the Gateway moduleusing Eth1User a
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID36Setting the IP and CPAM on the GW moduleDHCP is on by defau
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID37Additional module inventoryUsing the Show Inventory panel y
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID38Gateway Image managementYou can use the web interface to ma
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID39CAN bus Controller Area Network bus 3 wire, parallel bus
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID4Product Overview Hardware: Cisco Access Gateway controlling
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID40CAN bus layoutCAN termination set on for this module and of
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID41CPAM client (configuring the hardware) Where do I get it f
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID42Where do I get this ‘client’?HTTPS into the CPAM server.Und
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID43Log in via the clientFound under Programs, in the directory
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID44Window jumping, from here to anywhereThis menu bar is avail
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID45Templates Used for credentials, devices, doors, and gatewa
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID46TemplatesDevice template created or edited and savedCredent
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID47Flexible Door Template Doors templates can consist of any
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID48Template theory in use example You have 50 doors that will
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID49Credential template• Credential template must match the bit
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID5Access Control Hardware Modules1. Access Gateway: CIAC-GW-K9
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID50Associating Credential templates with reader Done on the r
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID51What if the badge layout is unknown?Reader Decode Failed me
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID52If the badge is known!Here we see that the badge was read a
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID53Audit trailsWhile viewing the badge record, we can look at
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID54Device templates (Inputs)•Accessed from CPAM client main me
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID55What is a supervised input? An unsupervised input has 2 st
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID56Generic OutputCreates from the Device Template main menu.No
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID57Door TemplateUsed to create logical door layout. Each devi
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID58Gateway TemplateOnce you have a Gateway configured the way
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID59Gateway CloningUseful when you are pre-provisioning the CPA
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID6Cisco Physical Access GatewayOutputModuleReader ModuleHardwa
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID60Gateway module replacementFirst, Disable the GatewayThird,
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID61Replace non Gateway moduleOn the client, Hardware tree disp
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID62Disable/Delete functionBy default, devices can only be disa
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID63Creating the DoorLogical door is created under the Location
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID64The door theory! Basic door has 4 devices involved The re
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID65Door Device AssociationsUnder Associate Devices, you select
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID66Deviations from the TemplatesThe device template used in th
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID67•Here is where we map the physical door connections to the
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID68Door properties (defaults are based on door template used t
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID69Door Usage ProfileDefault is based on door template used to
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID7Gateway module connectionsEth0 port used for network connect
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID70Facility Code and Duress SpecificationCredential templates
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID71Configuration download to the gateway Once the devices and
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID72Logical device locations Easy way to determine what device
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID73Firmware upgrades for Gateway module 2 step process…image
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID74Firmware upgrade on Gateway continuedOnce image is on the C
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID75Gateway Bulk Image upgradeSame options as seen on the Gatew
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID76CPAM client (configuration for access) Schedules Access P
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID77Schedules Schedules are created to fit the specific custom
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID78Gateway timezoneBefore schedules can be accurately put in p
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID79Schedule example We want to create a schedule and associat
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID8Additional modulesRequire external power to operateConnected
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID80Schedule creationWe added a schedule entry to use the defau
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID81Deny action for desired HolidaysAfter adding the Permit for
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID82Policy creationHere we created a Policy and added the descr
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID83Configuring a badge for accessCard number is imbedded in th
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID84Badge Access Level and PolicyWhich location and what access
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID85Badges continuedCredential template must be associated to t
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID86Badges are then associated to peoplePersonnel records are c
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID87Credential download Credential database is synced between
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID88Manual download of credentialsIf you update a badge credent
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID89Event MonitoringFlashes on every window when alarm occurs
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID9Cisco Physical Access Manager (CPAM) Appliance form factor
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID90Global I/O to take action on a trigger Automation driver m
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID91Global I/OEvent trigger is defined, this can based on any e
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID92The triggerHere we have the ability to use any event messag
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID93The actionUnder Action, we added a Device Command.We then s
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID94Email notification TESTYou can use the CPAM web interface t
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID95Email notification for eventsHere we see and Automation Rul
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID96Sample email textTest email generated by the CPAM server Te
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID97Video Integration EDI driver will start automatically, use
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID98Camera associationsOnce the drivers are started, you need t
© 2010 Cisco and/or its affiliates. All rights reserved.Cisco ConfidentialPresentation_ID99Camera Manager and door associationsCamera Manager is under
Related products and manuals for Gateways/controllers Cisco Physical Access Gateway
(33 pages)
(41 pages)
(33 pages) (17 pages)
(13 pages)
(71 pages)
(90 pages)© 2020, manymanuals.com. All rights reserved. | 0.129 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals