Cisco Systems 520 series manual
- Consulta online o descarga el manual de instrucciones
- 162 páginas
- 4.21 mb
Ir a la página of
manuales de instrucciones parecidos
-
Webcam
Cisco Systems ASA 5585-X
754 páginas 14.68 mb -
Webcam
Cisco Systems 4900
59 páginas 0.96 mb -
Webcam
Cisco Systems CABHDMIPHD4XS2
34 páginas 3.08 mb -
Webcam
Cisco Systems CTSATPSX204XK9
50 páginas 4.89 mb -
Webcam
Cisco Systems 520 series
162 páginas 4.21 mb -
Webcam
Cisco Systems OL-10282-01
6 páginas 0.38 mb -
Webcam
Cisco Systems PVC2300
13 páginas 0.65 mb -
Webcam
Cisco Systems ASA 5545-X
754 páginas 14.68 mb
Buen manual de instrucciones
Las leyes obligan al vendedor a entregarle al comprador, junto con el producto, el manual de instrucciones Cisco Systems 520 series. La falta del manual o facilitar información incorrecta al consumidor constituyen una base de reclamación por no estar de acuerdo el producto con el contrato. Según la ley, está permitido adjuntar un manual de otra forma que no sea en papel, lo cual últimamente es bastante común y los fabricantes nos facilitan un manual gráfico, su versión electrónica Cisco Systems 520 series o vídeos de instrucciones para usuarios. La condición es que tenga una forma legible y entendible.
¿Qué es un manual de instrucciones?
El nombre proviene de la palabra latina “instructio”, es decir, ordenar. Por lo tanto, en un manual Cisco Systems 520 series se puede encontrar la descripción de las etapas de actuación. El propósito de un manual es enseñar, facilitar el encendido o el uso de un dispositivo o la realización de acciones concretas. Un manual de instrucciones también es una fuente de información acerca de un objeto o un servicio, es una pista.
Desafortunadamente pocos usuarios destinan su tiempo a leer manuales Cisco Systems 520 series, sin embargo, un buen manual nos permite, no solo conocer una cantidad de funcionalidades adicionales del dispositivo comprado, sino también evitar la mayoría de fallos.
Entonces, ¿qué debe contener el manual de instrucciones perfecto?
Sobre todo, un manual de instrucciones Cisco Systems 520 series debe contener:
- información acerca de las especificaciones técnicas del dispositivo Cisco Systems 520 series
- nombre de fabricante y año de fabricación del dispositivo Cisco Systems 520 series
- condiciones de uso, configuración y mantenimiento del dispositivo Cisco Systems 520 series
- marcas de seguridad y certificados que confirmen su concordancia con determinadas normativas
¿Por qué no leemos los manuales de instrucciones?
Normalmente es por la falta de tiempo y seguridad acerca de las funcionalidades determinadas de los dispositivos comprados. Desafortunadamente la conexión y el encendido de Cisco Systems 520 series no es suficiente. El manual de instrucciones siempre contiene una serie de indicaciones acerca de determinadas funcionalidades, normas de seguridad, consejos de mantenimiento (incluso qué productos usar), fallos eventuales de Cisco Systems 520 series y maneras de solucionar los problemas que puedan ocurrir durante su uso. Al final, en un manual se pueden encontrar los detalles de servicio técnico Cisco Systems en caso de que las soluciones propuestas no hayan funcionado. Actualmente gozan de éxito manuales de instrucciones en forma de animaciones interesantes o vídeo manuales que llegan al usuario mucho mejor que en forma de un folleto. Este tipo de manual ayuda a que el usuario vea el vídeo entero sin saltarse las especificaciones y las descripciones técnicas complicadas de Cisco Systems 520 series, como se suele hacer teniendo una versión en papel.
¿Por qué vale la pena leer los manuales de instrucciones?
Sobre todo es en ellos donde encontraremos las respuestas acerca de la construcción, las posibilidades del dispositivo Cisco Systems 520 series, el uso de determinados accesorios y una serie de informaciones que permiten aprovechar completamente sus funciones y comodidades.
Tras una compra exitosa de un equipo o un dispositivo, vale la pena dedicar un momento para familiarizarse con cada parte del manual Cisco Systems 520 series. Actualmente se preparan y traducen con dedicación, para que no solo sean comprensibles para los usuarios, sino que también cumplan su función básica de información y ayuda.
Índice de manuales de instrucciones
-
Página 1
Americas Headquarters Cisco Systems, In c. 170 West Tasman Drive San Jose, CA 951 34-1706 USA http://www.ci sco.com Tel: 408 526-4000 800 553-NETS (638 7) Fax: 408 527-0883 Cisco S ecure Router 520 S eries S of tw are Conf iguration Guide Customer Order Number: Text Part Number: OL -14210-01[...]
-
Página 2
THE SPECIFICATION S AND INFORMATION RE GARDING THE PR ODUCTS IN THIS MA NUAL ARE SUBJECT T O CHANGE WITHOUT NOTICE. ALL STATEMENTS , INFORMATION, AND RECOMMENDATI ONS IN THI S MANUAL ARE BE LIEVED TO BE A CCURATE BUT ARE PRESENTED WI THOUT WARRANTY OF ANY KIND, EX PRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSI BILITY FOR THEIR APPLICATION OF ANY P[...]
-
Página 3
iii Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 CONTENTS Preface ix Objective ix Audience ix Organization x Conventi ons xi Related Documentation xvi Obtaining Documentation and Submitting a Serv ice Request xvii PART 1 Getting Started CHAPTER 1 Basic Router Co nfiguration 1-1 Viewing the De fault Configuration 1-2 Infor[...]
-
Página 4
Contents iv Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 PART 2 Configuring Your Router for Ethernet and DSL Access CHAPTER 2 Sample Network Deployments 2-1 CHAPTER 3 Configuring PPP over Ethernet with NAT 3-1 Configure the Virtual Private Dialup Network Group Number 3-2 Configure the Fast Ethernet WAN Interfaces 3-3 Conf[...]
-
Página 5
Contents v Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Apply the Crypto Map to the Physic al Interface 6-8 Create an Easy VPN Remote Configuratio n 6-9 Verifying Your Easy VPN Configuratio n 6-10 Configuration Example 6-10 CHAPTER 7 Configuring VPNs Using a n IPsec Tunnel a nd Generic Routing Encapsulation 7-1 Configure [...]
-
Página 6
Contents vi Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Guidelines for Creating Access Groups 11-3 Configuring a CBAC Firewall 11-3 Configuring Cisco IOS Firewall IDS 11-4 Configuring VPNs 11-4 CHAPTER 12 Troubleshooting 12-1 Getting Started 12-1 Before Contacting Cisco or Your Reseller 12-1 ADSL Troubleshooting 12-2 ATM[...]
-
Página 7
Contents vii Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Saving Configuration Changes A-6 Summary A-7 Where to Go Next A-7 APPENDIX B Concepts B-1 ADSL B-1 Network Protocols B-2 IP B-2 Routing Protocol Options B-2 RIP B-2 PPP Authentication P rotocols B-3 PAP B-3 CHAP B-3 TACACS+ B- 4 Network Interfaces B-4 Ethernet B-4 [...]
-
Página 8
Contents viii Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Optional Variables C-4 Using the TFTP Download Command C-5 Configuration Register C-5 Changing th e Configurat ion Register Manually C-6 Changing th e Configuration Register Using Prompts C-6 Console Download C-7 Command Description C-7 Error Reporting C-8 Debug C[...]
-
Página 9
ix Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Preface This preface describes the objectiv es, audience, org a nization, and co n ventions of this gui de, and describes related docu ments that ha ve additio nal information. It contains the follo wing sections: • Objecti ve, page ix • Audience, p age ix • Organizati[...]
-
Página 10
x Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Preface Organization This guide is or ganized into the follo wing chapters and appendi x. Part 1: Getting Started Chapter 1 , “Basic Router Conf iguration” Describes how to conf igure basic router features and interfaces. Part 2: Configuring Y our Router for Ethernet and [...]
-
Página 11
xi Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Preface Conventions This section descri bes the con vention s used in this guide. Note Means reader take note . Notes contain helpful suggestio ns or references to additio nal information and material. Caution This symbol means r eader be careful . In thi s situation, you mi[...]
-
Página 12
xii Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Preface Attention IMPORT ANTES INFORMA TIONS DE SÉCURITÉ Ce symbole d'avertissement indique un danger . V ous vous trouvez dans une situation pouvant entraîner des blessures ou des do mmages corporels. A vant de travailler sur un équipement, soyez conscient des dan[...]
-
Página 13
xiii Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Preface ¡Advertencia! INSTRUCCIONES IMPORT ANTES DE SEGURIDAD Este símbolo de aviso indica peligro. Existe riesgo para su integridad física. Antes de manipular cualquier equipo, conside re los riesgos de la corriente eléctrica y familiarícese con los procedimientos es[...]
-
Página 14
xiv Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Preface Avi so INSTRUÇÕES IMPORT ANTES DE SEGURANÇA Este símbolo de aviso significa perigo. V ocê se encontra em uma situação em que há risco de le sões corporais. Antes de trabalhar com qualquer equipam ento, esteja ciente dos riscos que envolvem os circuitos elé[...]
-
Página 15
xv Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Preface[...]
-
Página 16
xvi Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Preface Related Documentation The Cisco Secure Router 520 Series pr oduct is shipped wi th a minimal set of printed do cumentation. Additional prod uct documentation is a vailable on Cisco.co m. In addition to the Cisco Secur e Router 520 Series Softwar e Config uration Gui[...]
-
Página 17
xvii Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Preface Obtaining Documentation and Submitting a Service Request For info rmation on obtaining documentation, sub mitting a service request, and gatheri ng additional information, see the mont hly What’ s New in Cisco Pr oduct Documentation , which also li sts all ne w a[...]
-
Página 18
xviii Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Preface[...]
-
Página 19
P ART 1 Get ting Star ted[...]
-
Página 20
[...]
-
Página 21
CH A P T E R 1-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 1 Basic Router Configuration The Cisco Secure Router 520 Series r outers are designed for small b usinesses with up to 50 users and telew orkers who want secure connect i vity to corporate LANs and to th e Internet. These routers pro vide adv anced security fea[...]
-
Página 22
1-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 1 Basic Router Con figuration Viewing the De fault Configuration Viewing the Default Configuration When the router first boots up, some basic confi gurat ion has already been performed. All of the LAN and W AN interfaces have been created, console and VTY ports are [...]
-
Página 23
1-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 1 Basic Router Configuration Interface Port Labels – Order the appropriate li ne from your public tele phone service pro vider . Ensure that the ADSL signaling type is DMT (also called AN SI T1.413) or DMT Issue 2. Once you hav e collected the ap propriate informa[...]
-
Página 24
1-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 1 Basic Router Con figuration Configuring Basic Parameters Configure Global Parameters Perform these steps to configure select ed gl obal parameters for your rout er: For complete in formation on the global paramet er commands, see the Cisco IOS Release 12.3 documen[...]
-
Página 25
1-5 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 1 Basic Router Configuration Configuring Basic Parameters Based on the rou ter you hav e, configure th e W AN interface( s) by usin g one of the follo wing procedures: • Config ure the Fast Eth ernet W AN Interface • Config ure the A TM W AN Interface Configure [...]
-
Página 26
1-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 1 Basic Router Con figuration Configuring Basic Parameters Perform these steps to conf igure the A TM interface, beginning in global conf iguration mode: Configure the Wireless Interface The wireless interface enables connection to the rout er through a wireless LAN[...]
-
Página 27
1-7 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 1 Basic Router Configuration Configuring Basic Parameters Perform these steps to conf igure a loopback interface, beginni ng in global conf iguration mode: Configuration Example The loopback interf ace in this sample conf iguratio n is used to supp ort Network Ad dr[...]
-
Página 28
1-8 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 1 Basic Router Con figuration Configuring Basic Parameters Last clearing of "show interface" counters never Queuing strategy: fifo Output queue 0/0, 0 drops; input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bit[...]
-
Página 29
1-9 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 1 Basic Router Configuration Configuring Basic Parameters For complete in formation about the co mmand line commands, see the Cisco IOS Rel ease 12.3 documentation set . Configuration Example The follo wing conf iguration shows th e command-line access commands. Y o[...]
-
Página 30
1-10 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 1 Basic Router Con figuration Configuring Static Routes Configuring Static Routes Static routes pro vide fix ed routing paths through the network. Th ey are manually conf igured on the router . If the network topo logy changes, the static ro ute must be updated wit[...]
-
Página 31
1-11 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 1 Basic Router Configuration Configuring Dyn amic Routes ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 10.0.0.0/24 is subnetted, 1 subnets C 10.108.1.0 is dire[...]
-
Página 32
1-12 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 1 Basic Router Con figuration Configuring Dynamic Routes For complete in formation on the dynamic routi ng commands, see the Cisco IOS Release 12 .3 documentatio n set. For more general in formation on RIP , see Appendix B, “Concepts. ” Configuration Example Th[...]
-
Página 33
P ART 2 Conf iguring Y our Router f o r Ethernet and DSL A ccess[...]
-
Página 34
[...]
-
Página 35
CH A P T E R 2-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 2 Sample Network Deployments This part of the softw are config uration guide presents a v ariety of possible Ethernet and Digital Subscriber Line (DSL)—based networ k conf igurations using the Cisco Secure Router 520 Ser ies router . Each scenario is describe[...]
-
Página 36
2-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 2 Sample Network De ployments • Chapter 7, “Configuring VPNs Using an IPsec T u nnel and G eneric Ro uting Encapsu lation” • Chapter 8, “Configu ring a Simple Fire wall”[...]
-
Página 37
CH A P T E R 3-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 3 Configuring PPP over Ethernet with NAT The Cisco Secure Router 520 Ethernet-to-Ethernet r outers su pport Point-to-Po int Protocol o ver Ethern et (PPPoE) clients and network address translat ion (N A T). Multiple PCs can be connected to the LAN behind the ro[...]
-
Página 38
3-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 3 Configuring PPP over Ethernet with NAT Configure the Vir tual Private Dialup Network Group Number PPPoE The PPPoE Client feature on the router pro vides PPPoE client support on Ethernet interf aces. A dialer interface must be used f or cloning virtual access. Mult[...]
-
Página 39
3-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 3 Configuri ng PPP over Ethern et with NAT Configure the Fast Ethern et WAN Interfaces Configure the Fast Ethernet WAN Interfaces In this scenario, the PPPoE client (your Cisco router ) communicates ov er a 10/100 Mbps-Ethernet interface on both t he inside and the [...]
-
Página 40
3-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 3 Configuring PPP over Ethernet with NAT Configure the Dialer Interface Configure the Dialer Interface The dialer interface indicates ho w to handle traff i c from the clients, including, for e x ample, def ault routing information, t he encapsulation protocol, and [...]
-
Página 41
3-5 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 3 Configuri ng PPP over Ethern et with NAT Configure Network Address Translation Configure Network Address Translation Network Address T r anslation (N A T) tr anslates packets from addresses that match a standard access list, using glob al addresses allocate d by t[...]
-
Página 42
3-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 3 Configuring PPP over Ethernet with NAT Configure Netw ork Address Tran slation Perform these steps to configu re the outside Fast Ethernet W AN interf ace with dynamic N A T , beginni ng in global conf iguration mode: Command Purpose Step 1 ip nat pool name start [...]
-
Página 43
3-7 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 3 Configuri ng PPP over Ethern et with NAT Configure Network Address Translation Note If you want to use N A T with a virtual-template interf ace, you must conf igure a loopback interf ace. See Chapter 1, “Basic Router Configuration, ” for informat ion on confi [...]
-
Página 44
3-8 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 3 Configuring PPP over Ethernet with NAT Configuratio n Example Configuration Example The follo wing conf iguration example sho ws a portion of the configurat ion file for the PPPoE scenario described in th is chapter . The VLAN interface has an IP ad dress of 192.1[...]
-
Página 45
3-9 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 3 Configuri ng PPP over Ethern et with NAT Configuration E xample Dynamic mappings: -- Inside Source [Id: 1] access-list 1 interface Dialer0 refcount 0 Queued Packets: 0[...]
-
Página 46
3-10 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 3 Configuring PPP over Ethernet with NAT Configuratio n Example[...]
-
Página 47
CH A P T E R 4-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 4 Configuring PPP over ATM with NAT The Cisco Secure Router 520 ADSL-ov er-PO TS and Cisco Secure Router 520 ADSL-ov er-ISDN routers support Point-to-Point Protocol o ver Asynchronous T r ansfer Mode (PPPoA) clie nts and network address translation (N A T). Mul[...]
-
Página 48
4-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 4 Configu ring PPP over ATM with N AT Configure the Dialer Interface In this scenario, the smal l business or remote user on the F ast Ethernet LAN can connect to an Internet service pro vider (ISP) using the follo wing protocols on the W AN connect ion: • Asymmet[...]
-
Página 49
4-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 4 Configuring PPP over ATM with NAT Configure th e Dialer Interface Perform these steps to configure a dialer interface fo r the A TM interface on the ro uter , starting in global confi guration mode: Command Purpose Step 1 interfac e dialer dialer -r otary-gr oup-n[...]
-
Página 50
4-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 4 Configu ring PPP over ATM with N AT Configure the Dialer Interface Repeat these steps for any ad ditional dialer interfac es or dialer pools needed. Step 8 exit Example: Router(config-if)# exit Router(config)# Exits the dialer 0 interface configuration. Step 9 dia[...]
-
Página 51
4-5 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 4 Configuring PPP over ATM with NAT Configure the ATM WAN Interface Configure the ATM WAN Interface Perform these steps to conf igure the A TM interface, beginning in global conf iguration mode: Command Purpose Step 1 interface type number Example: Router(config)# i[...]
-
Página 52
4-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 4 Configu ring PPP over ATM with N AT Configure DSL Signa ling Protocol Configure DSL Signaling Protocol DSL signaling must be conf igured on the A TM interf ace for connection to your ISP . The Cisco Secure Router 520 ADSL-o ver -POTS rou ters support ADSL signal i[...]
-
Página 53
4-7 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 4 Configuring PPP over ATM with NAT Configure Network Address Translation Verify the Configuration Y ou can verify t hat the confi guration is set the way yo u want b y using the sho w dsl interface atm command from pri vileged EXEC mode. Configure Network Address T[...]
-
Página 54
4-8 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 4 Configu ring PPP over ATM with N AT Configure Netw ork Address Tran slation Step 4 ip nat { inside | outside } Example: Router(config-if)# ip nat inside Router(config-if)# Applies NA T to the Fast Ethernet LAN interface as the inside interf ace. For details ab out[...]
-
Página 55
4-9 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 4 Configuring PPP over ATM with NAT Configuration E xample Note If you want to use N A T with a virtual-template interf ace, you must conf igure a loopback interf ace. See Chapter 1, “Basic Router Configuration, ” for informat ion on conf iguring the loopback in[...]
-
Página 56
4-10 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 4 Configu ring PPP over ATM with N AT Configuratio n Example ip mtu 1492 encapsulation ppp dialer pool 1 dialer-group 1 ppp authentication chap ! ip classless ( default ) ! ip nat pool pool1 192.168.1.0 192.168.2.0 netmask 0.0.0.255 ip nat inside source list 1 inte[...]
-
Página 57
CH A P T E R 5-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 5 Configuring a LAN with DHCP and VLANs The Cisco Secure Router 520 Ser ies routers supp ort clients on both phy sical LANs and virtual LANs (VLANs). The routers can u se the Dynamic Host Conf iguration Protocol (DHCP) to enable auto matic assignment of IP conf[...]
-
Página 58
5-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 5 Configu ring a LAN with DHCP and VLANs Configure DHCP Note Whenev er you change server p roperties, you must relo ad the serv er with the configur ation data from the Network Re gistrar database. VLANs The Cisco Secure Router 520 Series rou ters support four F ast[...]
-
Página 59
5-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 5 Configuring a LAN with DHCP and VLANs Configure DHCP Step 4 ip dhcp pool name Example: Router(config)# ip dhcp pool dpool1 Router(dhcp-config)# Creates a DHCP address pool on the router and enters DHCP pool conf iguration mode. The name ar gument can be a string o[...]
-
Página 60
5-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 5 Configu ring a LAN with DHCP and VLANs Configure DHCP Configuration Example The follo wing conf iguration example sho ws a portion of the confi guration fi le for the DCHP confi guration described in this chapter . ip dhcp excluded-address 192.168.9.0 ! ip dhcp po[...]
-
Página 61
5-5 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 5 Configuring a LAN with DHCP and VLANs Configure VLANs Message Sent BOOTREPLY 0 DHCPOFFER 0 DHCPACK 0 DHCPNAK 0 Router# Configure VLANs Perform these steps to conf igure VLANs on your router , beginning in pri vileged EXEC mode: Command Purpose Step 1 vlan database[...]
-
Página 62
5-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 5 Configu ring a LAN with DHCP and VLANs Configure VLANs Assign a Switch Port to a VLAN Perform these steps to assign a sw itch port to a VLAN, begi nning in global conf iguration mode: Verify Your VLAN Configuration Use the follo wing commands to vie w your VLAN co[...]
-
Página 63
5-7 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 5 Configuring a LAN with DHCP and VLANs Configure VLANs VLAN ISL Id: 3 Name: red-vlan Media Type: Ethernet VLAN 802.10 Id: 100003 State: Operational MTU: 1500 VLAN ISL Id: 1002 Name: fddi-default Media Type: FDDI VLAN 802.10 Id: 101002 State: Operational MTU: 1500 B[...]
-
Página 64
5-8 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 5 Configu ring a LAN with DHCP and VLANs Configure VLANs VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------ 1 enet 100001 1500 - - - - - 1002 1003 2 enet 100002 1500 - -[...]
-
Página 65
CH A P T E R 6-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel The Cisco Secure Router 520 Ser ies routers support the creation of V irtual Priv ate Networks (VPNs). Cisco routers and other broadband de vices provide high-perfo rmance connections to the Internet , but [...]
-
Página 66
6-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel Cisco Easy VPN The Cisco Easy VPN client feature elimin ates much of the tedious conf iguration work b y implementing the Cisco Un ity Client prot ocol. This protoc ol a llo ws most VPN parameters, such as inter[...]
-
Página 67
6-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel Configure the I KE Policy Note The procedures in this chap ter assume that you h av e already conf igur ed basic router feat ures as well as PPPoE or PPPoA with N A T , DCHP and VLANs. If you hav e not performe [...]
-
Página 68
6-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel Configure Gro up Policy Information Configure Group Policy Information Perform these steps to conf igure the group policy , begin ning in global co nfigur ation mode: Step 5 group { 1 | 2 | 5 } Example: Router(c[...]
-
Página 69
6-5 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel Apply Mode Con figur ation to the Crypto Map Apply Mode Configuration to the Crypto Map Perform these steps to apply mode co nfiguratio n to the crypto map, be ginning in global conf iguration mode: Step 4 domai[...]
-
Página 70
6-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel Enable Policy Lookup Enable Policy Lookup Perform these steps to enable polic y lookup through AAA, be ginning in global configurati on mode: Configure IPsec Transforms and Protocols A transform set represents a[...]
-
Página 71
6-7 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel Configure the IPsec Cryp to Method and Paramete rs Perform these steps to specify the IPsec transform set and protocols, be ginning in global conf iguration mode: Note W ith manually establish ed security associ[...]
-
Página 72
6-8 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel Apply the Crypto Ma p to the Phys ical Interface Apply the Crypto Map to the Physical Interface The crypto maps must be applied to each interface through which IP Security (IPsec) traff ic flows. Applying the cr[...]
-
Página 73
6-9 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel Create an Easy VPN Remote Configuration Create an Easy VPN Remote Configuration The router acting as the IPsec remote router must create an Easy VPN remote configuration and assign it to the outgoing interf ace.[...]
-
Página 74
6-10 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel Verifying Your Easy VPN Configuration Verifying Your Easy VPN Configuration router# show crypto ipsec client ezvpn Tunnel name :ezvpnclient Inside interface list:vlan 1 Outside interface:fastethernet 4 Current [...]
-
Página 75
6-11 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel Configuration E xample username Cisco password 0 Cisco ! crypto isakm p policy 1 encryption 3des authentication pre-share group 2 lifetime 480 ! crypto isakmp client configuration group rtr-remote key secret-pa[...]
-
Página 76
6-12 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel Configuratio n Example[...]
-
Página 77
CH A P T E R 7-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 7 Configuring VPNs Using an IPsec Tunnel and Generic Routing Encapsulation The Cisco Secure Router 520 Ser ies routers support the creation of virtual pr iv ate networks (VPNs). Cisco routers and other broadband de vices provide high-perfo rmance connections to[...]
-
Página 78
7-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 7 Configur ing VPNs Using an IP sec Tun nel and Generic Routing E ncapsulation Configure a VPN GRE Tunnels GRE tunnels are typi cally used to establish a VPN be tween t he Cisco router and a remote de vice that controls access to a priv ate ne twork, such as a co rp[...]
-
Página 79
7-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 7 Configuring VPNs Using an IPsec Tunnel and Generic Routing Encap sulation Configure a VPN Configure the IKE Policy Perform these steps to conf igure the Internet Ke y Exchange (IKE) policy , beginni ng in global confi guration mode: Command or Action Purpose Step [...]
-
Página 80
7-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 7 Configur ing VPNs Using an IP sec Tun nel and Generic Routing E ncapsulation Configure a VPN Configure Group Policy Information Perform these steps to conf igure the group policy , begin ning in global co nfigur ation mode: Command or Action Purpose Step 1 crypto [...]
-
Página 81
7-5 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 7 Configuring VPNs Using an IPsec Tunnel and Generic Routing Encap sulation Configure a VPN Enable Policy Lookup Perform these steps to enable polic y lookup through AAA, be ginning in global conf iguration mode: Configure IPsec Transforms and Protocols A transform [...]
-
Página 82
7-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 7 Configur ing VPNs Using an IP sec Tun nel and Generic Routing E ncapsulation Configure a VPN Perform these steps to specify the IPsec transform set and protocols, be ginning in global conf iguration mode: Note W ith manually establish ed security association s, th[...]
-
Página 83
7-7 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 7 Configuring VPNs Using an IPsec Tunnel and Generic Routing Encap sulation Configure a VPN Apply the Crypto Map to the Physical Interface The crypto maps must be applied to each interface through which IP sec traf fic flo w s. Applying the crypto map to the ph ysic[...]
-
Página 84
7-8 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 7 Configur ing VPNs Using an IP sec Tun nel and Generic Routing E ncapsulation Configure a GRE Tunnel Configure a GRE Tunnel Perform these steps to conf igure a GRE tunnel, beginning in glob al conf iguration mode: Step 2 crypto map map-name Example: Router(config-i[...]
-
Página 85
7-9 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 7 Configuring VPNs Using an IPsec Tunnel and Generic Routing Encap sulation Configuration E xample Configuration Example The follo wing conf iguration example sho ws a portion of the config uration fi le for a VPN using a GRE tunnel scenario described in the precedi[...]
-
Página 86
7-10 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 7 Configur ing VPNs Using an IP sec Tun nel and Generic Routing E ncapsulation Configuratio n Example tunnel source fastethernet 0 tunnel destination interface 192.168.101.1 ip route 20.20.20.0 255.255.255.0 tunnel 1 crypto isakm p policy 1 encryption 3des authenti[...]
-
Página 87
7-11 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 7 Configuring VPNs Using an IPsec Tunnel and Generic Routing Encap sulation Configuration E xample ! ! Utilize NAT overload in order to make best use of the ! single address provided by the ISP. ip nat inside source list 102 interface Ethernet1 overload ip classles[...]
-
Página 88
7-12 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 7 Configur ing VPNs Using an IP sec Tun nel and Generic Routing E ncapsulation Configuratio n Example[...]
-
Página 89
CH A P T E R 8-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 8 Configuring a Simple Firewall The Cisco Secure Router 520 Series routers support network traf fic filtering b y means of access lists. The routers also support packet inspection an d dynamic temporary access lists b y means of Context-Based Access Control (CB[...]
-
Página 90
8-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 8 Config uring a Simple Firewall Figure 8-1 sho ws a network deplo yment using PPPoE or PPPoA with N A T and a fire wall. Figur e 8-1 Rout er with Fir ewall Configur ed In the confi guration e xample that follo ws, the fire wall is applied to the outsid e W AN inter[...]
-
Página 91
8-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 8 Configuring a Simple Firewall Configure Acce ss Lists Note The procedures in this chap ter assume that you h av e already conf igur ed basic router feat ures as well as PPPoE or PPPoA with N A T . If you hav e not pe rformed these configurations tasks, see Ch apte[...]
-
Página 92
8-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 8 Config uring a Simple Firewall Configure Inspection Rules Configure Inspection Rules Perform these steps to confi gure fire wall inspection rule s for all TCP and UDP traff ic, as well as specific application protocols as def ined by the security poli cy , beginni[...]
-
Página 93
8-5 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 8 Configuring a Simple Firewall Configuration E xample Configuration Example A telecommuter is granted s ecure access to a corporat e network, using IPsec tunnel ing. Security to the home network is acco mplished through f irewal l inspec tion. The protocols that ar[...]
-
Página 94
8-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 8 Config uring a Simple Firewall Configuratio n Example ip nat outside no cdp enable ! ! acl 103 defines traffic allowed from the peer for the IPsec tunnel. access-list 103 permit udp host 200.1.1.1 any eq isakmp access-list 103 permit udp host 200.1.1.1 eq isakmp a[...]
-
Página 95
CH A P T E R 9-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 9 Configuring a Wireless LAN Connection The Cisco Secure Router 520 Series routers support a secur e, af fordabl e, and easy-to-use wireless LAN solution that combines mobility and fl exibility with the enterprise-class featur es required by net working profess[...]
-
Página 96
9-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 9 Configu ring a Wireless LAN Connectio n Configure the Root Radio Statio n Configuration Tasks Perform the follo wing tasks to configu re this network scenario: • Config ure the Root Radio Station • Config ure Bridging on VLANs • Config ure Radio Station Subi[...]
-
Página 97
9-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 9 Configuring a Wireless LAN Connection Configure the Ro ot Radio Station Step 3 encryption method algorithm ke y Example: Router(config-if)# encryption vlan 1 mode ciphers tkip Router(config-if)# Specifies the encrypti on method, algorithm, and ke y used to access [...]
-
Página 98
9-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 9 Configu ring a Wireless LAN Connectio n Configure Bridging on VLA Ns Configure Bridging on VLANs Perform these steps to conf igure integrated routing and br idging on VLANs, be ginning in global confi guration mode: Step 10 power [ client | local ] [ cck [ number [...]
-
Página 99
9-5 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 9 Configuring a Wireless LAN Connection Configure Radio Station Su binterfaces Repeat Step 2 through Step 6 abov e for each VLAN that requires a wireless inte rface. Configure Radio Station Subinterfaces Perform these steps to configure su binterfaces for each root [...]
-
Página 100
9-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 9 Configu ring a Wireless LAN Connectio n Configuratio n Example Repeat these steps to configure more subinterfaces, as needed. Configuration Example The follo wing conf iguration example sho ws a portion of the confi guration fi le for the wireless LAN scenario des[...]
-
Página 101
9-7 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 9 Configuring a Wireless LAN Connection Configuration E xample ! encryption vlan 1 mode ciphers tkip ! ssid cisco vlan 1 authentication open wpa-psk ascii 0 cisco123 authentication key-management wpa ! ssid ciscowep vlan 2 authentication open ! ssid ciscowpa vlan 3 [...]
-
Página 102
9-8 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 9 Configu ring a Wireless LAN Connectio n Configuratio n Example no ip address bridge-group 3 bridge-group 3 spanning-disabled ! interface BVI1 ip address 10.0.1.1 255.255.255.0 ! interface BVI2 ip address 10.0.2.1 255.255.255.0 ! interface BVI3 ip address 10.0.3.1 [...]
-
Página 103
P ART 3 Conf iguring A dditional F eatures and T r oubleshooting[...]
-
Página 104
[...]
-
Página 105
CH A P T E R 10-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 10 Additional Configuration Options This part of the softw are conf iguration guid e describes addi tional conf iguration options and troubleshooting t ips for the Cisco Secure Router 520 Series routers. The config uration options described i n this part inclu[...]
-
Página 106
10-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 10 Additional Configuration Options[...]
-
Página 107
CH A P T E R 11-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 11 Configuring Security Features This chapter gi ves an ov erview of authentication, au thorization, and accounting ( AAA), the primary Cisco frame work for implementing selected securi ty features that can be conf igured on the Cisco Secure Router 520 Series [...]
-
Página 108
11-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 11 Configur ing Security Features Configuring AutoSecure For info rmation about confi guring AAA services and suppo rted security protocols, see the follo wing sections of the Cisco IOS Security Configuration Guide : • Config uring Authentication • Conf iguring[...]
-
Página 109
11-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 11 Configuring Security Featur es Configuring a CBAC Firewall Access Groups A sequence of access list def initions bound together with a common name or number is called an access group. An access group is enabled for an interface during interface configur ation wit[...]
-
Página 110
11-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 11 Configur ing Security Features Configuring Cisco IOS Firewall IDS Configuring Cisco IOS Firewall IDS Cisco IOS Fire wall Intrusion Detecti on System (IDS ) technolog y enhances perimeter fire wall protection by taking appropriate action on pack ets and flo ws th[...]
-
Página 111
CH A P T E R 12-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 12 Troubleshooting Use the information in this chapter to help isolate problems you might encounter or to rule out the router as the source of a problem. This ch apter contains the following sections: • Getting Started • Before Contacting Cisco or Y our Re[...]
-
Página 112
12-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 12 Troublesho oting ADSL Troublesho oting ADSL Troubleshooting If you e xperience trouble with the ADSL connection, v erify the follo wing: • The ADSL line is connected and i s using pins 3 and 4. F or more information on the ADSL connection, see the hardw are gu[...]
-
Página 113
12-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 12 Troub leshooting ATM Troubleshoo ting Commands This command sends end-to-end O AM F5 packets, which are echoed back by the aggregator . show interface Command Use the show int erface command to display the status of all physical ports (Et hernet and A TM) and lo[...]
-
Página 114
12-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 12 Troublesho oting ATM Troubleshooting Co mmands Ta b l e 12-1 describes possible command ou tput for the sho w interface command. Ta b l e 12-1 show int erf ace Command Output Descri ption Output Cause For A TM Interfac es A TM 0 is up, line protocol is up The A [...]
-
Página 115
12-5 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 12 Troub leshooting ATM Troubleshoo ting Commands show atm interface Command T o display A TM-specifi c information about an A TM interface, use the show atm interface atm 0 command from pri vileged EXEC mode, as sh ow n in Example 12-3 . Example 12-3 Viewing Infor[...]
-
Página 116
12-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 12 Troublesho oting ATM Troubleshooting Co mmands • T o disable debu gging, enter the undeb ug all command. • To u s e deb ug commands during a T elnet session on your r outer , enter the terminal monitor command. Caution Debug ging is assigned a high priority [...]
-
Página 117
12-7 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 12 Troub leshooting ATM Troubleshoo ting Commands 00:03:00: DSL: 1: Modem state = 0x8 00:03:02: DSL: 2: Modem state = 0x10 00:03:05: DSL: 3: Modem state = 0x10 00:03:07: DSL: 4: Modem state = 0x10 00:03:09: DSL: Received response: 0x24 00:03:09: DSL: Showtime! 00:0[...]
-
Página 118
12-8 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 12 Troublesho oting Software Upgrad e Methods Example 12-7 sho w s sample output for the deb ug atm packet co mmand. Example 12-7 Viewing A TM Pac k et Processing Router# debug atm packet Router# 01:23:48:ATM0(O): VCD:0x1 VPI:0x1 VCI:0x64 DM:0x0 SAP:AAAA CTL:03 OUI[...]
-
Página 119
12-9 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 12 Troub leshooting Recovering a Lost Password Recovering a Lost Password T o recov er a lost enable or lost enable-secret passw ord: 1. Change the Configuration Re gister 2. Reset the Router 3. Reset the Passw ord and Sav e Y our Changes (for lost enable s ecret p[...]
-
Página 120
12-10 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 12 Troublesho oting Recovering a Lost Pa ssword Cisco SR520W-ADSL (MPC8272) processor (revision 0x100) with 118784K/12288K bytes of memory. Processor board ID FOC09171CB7 MPC8272 CPU Rev: Part Number 0xC, Mask Number 0x10 4 FastEthernet interfaces 1 ATM interface [...]
-
Página 121
12-11 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 12 Troub leshooting Recovering a Lost Password Step 7 Enter the enable command to enter enable mode. Conf iguration changes can be made only in en able mode: Router> enable The prompt changes to the pri vileged EXEC prompt: Router# Step 8 Enter the show startup[...]
-
Página 122
12-12 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 12 Troublesho oting Recovering a Lost Pa ssword Step 3 Enter exit to e xit configuratio n mode: Router(config)# exit Note T o return to the conf iguration being used before you recov ered the lost enable password, do not sav e the configuration ch anges before reb[...]
-
Página 123
P ART 4 Reference Inf ormation[...]
-
Página 124
[...]
-
Página 125
A-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 APPENDIX A Cisco IOS Software Basic Skills Understanding ho w to use Cisco IOS software can sa ve you time when you are conf iguring your router . If you need a refresher , take a fe w minutes to read this appendix. This appendix contain s the follo wing sections: • Confi[...]
-
Página 126
A-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix A Cisco IOS Software Basic Skills Understandi ng Command Mode s Y ou can use the terminal emulation software to change settings for the type of de vice that is connected to the PC, in this case a rout er . Config ure the software to the follo wing standard VT -100 [...]
-
Página 127
A-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix A Cisc o IOS Software Basic Skills Understanding Command Mode s Ta b l e A -2 Command Modes Summary Mode Access Method Prompt Exit and Entrance Method About This Mode User EXEC Begin a session with your router . Router> T o exit a router session, enter the logou[...]
-
Página 128
A-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix A Cisco IOS Software Basic Skills Getting Help Getting Help Y ou can use the qu estion mark (?) a nd ar ro w ke ys to help you enter commands. For a list of a vailable commands at th at command mode, enter a questi on mark: Router> ? access-enable Create a tempo[...]
-
Página 129
A-5 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix A Cisc o IOS Software Basic Skills Entering Glob al Configuration Mode Y ou can use two commands to do this: • enable secret password —A v ery secure, encrypted p assword • enable password —A less secure, unencrypted local password Both the enable and enabl[...]
-
Página 130
A-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix A Cisco IOS Software Basic Skills Saving Configu ration Changes Abbreviating Commands Y ou only ha ve to enter enough ch aracters for the router to reco gnize the command as unique. This example sho ws how to enter the show versi on command: Router # sh v Undoing C[...]
-
Página 131
A-7 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix A Cisc o IOS Software Basic Skills Summary Press Return to accept the default destination filename startup- conf ig , or enter your desired destination filename and p ress Return . It might take a minute or two to sa ve the conf iguration to NVRAM. Af ter the conf [...]
-
Página 132
A-8 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix A Cisco IOS Software Basic Skills Where to Go Next[...]
-
Página 133
B-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 APPENDIX B Concepts This appendix contains conceptual information that may be useful to In ternet service providers or network admin istrators when the y configure Cisco ro uters. T o revie w some typical network scenarios, see Chapter 2, “Sample Ne twork Deplo yments. ?[...]
-
Página 134
B-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix B Concepts Network Pro tocols Network Protocols Network protoco ls enable the network to pass data fro m its source to a specif ic destination ov er LAN or W AN links. Routing address tables are included in the networ k protocols to pro vide the best path for movin[...]
-
Página 135
B-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix B Concepts PPP Authentication Protocols PPP Authentication Protocols The Point-to-Point Pr otocol (PPP) encapsulates netwo rk layer protocol informat ion ov er point-to-point li nks. PPP originally emerged as an encapsula tion prot ocol for transporting IP traf fi [...]
-
Página 136
B-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix B Concepts TACACS+ Note W e recommend us ing CHAP because it is th e more secure of the two protocols. TACACS+ Cisco Secure Router 520 Ser ies routers supp ort the T erminal Access Controller Access Control System Plus (T ACA CS+) protocol through T elnet. T A CACS[...]
-
Página 137
B-5 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix B Concepts NAT PVC A PVC is a connection between remote hosts and ro uters. A PVC is establi shed for each A TM end node with which the router communicate s. The characteristi cs of the PVC that are established when it is created are set by the A TM adaptation laye[...]
-
Página 138
B-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix B Concepts Easy IP (Phase 1) T r anslations can be static or dynamic. A static address translation establishes a one-to-one mapping between t he inside network an d the outsid e domain. Dyna mic address tran slations are de f ined by describing the local addresses [...]
-
Página 139
B-7 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix B Concepts QoS QoS This section descri bes Quality of Service (QoS) parameter s, including the follo wing: • IP Precedence • PPP Fragmentation and Interlea ving • CBWFQ • RSVP • Lo w Latency Queuing QoS refers to the capability of a netw ork to prov ide b[...]
-
Página 140
B-8 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix B Concepts QoS In general, multilink PPP wi th interlea ving is used in conjunc tion with CBWFQ and RSVP or IP Precedence to ensure voice packet deli very . Use mu ltilink PPP with interleaving and CBW FQ to def i ne ho w data is managed; use Resource Reserv ation [...]
-
Página 141
B-9 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix B Concepts Access Lists Access Lists W ith basic standard and static e xtended access lists, you can approximate session f iltering by using the established ke yword with the permit command. The establis hed ke yword f ilters TCP packets based on whether the A CK o[...]
-
Página 142
B-10 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix B Concepts Access Lists[...]
-
Página 143
C-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 APPENDIX C ROM Monitor The R OM monitor firmware runs when the rout er is po we red up or reset. The f irmware helps to initialize the processor hardware an d boot the operating sy stem sof tware. Y ou can use the R OM monitor to perform certain conf iguration tasks, such a[...]
-
Página 144
C-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix C ROM Monitor ROM Monitor Commands T imesaver Break (system interrupt) is alw ays enabled for 60 second s after the rout er reboots, re gardless of whether it is set to on or of f in the configurat ion register . During this 60-second windo w , you can break to the[...]
-
Página 145
C-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix C ROM Monitor Command Descriptions Commands are case sensitiv e. Y ou can halt any comma nd by pressing the Break key on a terminal. If you are using a PC, most terminal emu lation programs halt a com mand when you press the Ctrl and the Break ke ys at the same tim[...]
-
Página 146
C-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix C ROM Monitor Disaster Recover y with TFTP Down load TFTP Download Command Variables This section describes the syst em v ariables that can be set in R OM monitor mode and that are used during the TFTP download process. The re are both required variables an d optio[...]
-
Página 147
C-5 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix C ROM Monitor Configuration Register Using the TFTP Download Command Perform these steps in R OM monitor mode to downl oad a file throu gh TFTP: Step 1 Use the appropriate commands t o enter all the required v ariables and any optional v ariables described in prece[...]
-
Página 148
C-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix C ROM Monitor Configuratio n Register Changing the Configuration Register Manually T o change the virtual conf iguration register fro m the R OM monitor manually , enter the confreg command follo wed by the new v alue of the regi ster in he xadecimal format, as sho[...]
-
Página 149
C-7 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix C ROM Monitor Console Download Console Download Y ou can use cons ole do wnload, a R OM monitor functio n, to do w nload either a software image or a confi guration file o ver the router console por t. After download, the f ile is either saved to the mini -flash me[...]
-
Página 150
C-8 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix C ROM Monitor Debug Command s Error Reporting Because the R OM monitor console download uses the co nsole to perform the data transfer , when an error occurs during a data transfer, error messages are only displayed on the console once the data transfer is terminat[...]
-
Página 151
C-9 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix C ROM Monitor Exiting the ROM Monitor FP: 0x80005f9c, PC: 0x80008118 FP: 0x80005fac, PC: 0x80008064 FP: 0x80005fc4, PC: 0xfff03d70 FP: 0x80005ffc, PC: 0x00000000 FP: 0x00000000, PC: 0x00000000 • meminfo —Displays size in bytes, starti ng address, av ailable ran[...]
-
Página 152
C-10 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix C ROM Monitor Exiting the ROM Monitor[...]
-
Página 153
D-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 APPENDIX D Common Port Assignments Ta b l e D-1 lists currently assign ed T ransmission Cont rol Protocol (TCP) port number s. T o the extent possible, the User Datagram Protocol (UDP) uses the same numbers. Ta b l e D-1 TCP P ort Numbers Port Keyword Description 0 — Rese[...]
-
Página 154
D-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix D Common Po rt Assignments 75 — Any pri vate dial-out service 77 — Any pri vate RJE service 79 FINGER Finger 95 SUPDUP SUPDUP Protocol 101 HOST N AME Network interface card (NIC) hostname server 102 ISO-TSAP ISO-Transport Service Access Point ( TSAP) 103 X400 X[...]
-
Página 155
IN-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 INDEX Symbols -? command C-3 ? command A-4, C-3 A AAL B-5 AAL3/4 B-5 AAL5 B-5 abbreviating commands A-6 access groups 11-3 access lists applying to interfaces 8-4 configuration comman ds 11-2 configuring for firewalls 8-3, 9-2 description B-9 ACK bits B-9 Address Resolutio[...]
-
Página 156
Index IN-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 configuration example 1-9 configuring 1-8 command modes A-2 to A-4 commands -? C-3 ? A-4 abbreviating A-6 access list 11-2 ATM troubleshooting 12-2 to 12-8 b C-3 b flash C-3 boot C-3 completing A-4 confreg C-6 context C-8 copy running-co nfig startup-config A-6 copy [...]
-
Página 157
Index IN-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Fast Ethernet LAN interfaces 1-4 Fast Ethernet WA N interface 1-5 firewall 8-1 to 8-6 global parameters 1-4 GRE tunnel 7-8 group policy 6-4, 7-4 IKE policy 6-3, 7-3 inspection rules for firewalls 8-4 IPsec tunnel 6-1 loopback interface 1-6 to 1-8 NAT 4-7 PPPoE with N[...]
-
Página 158
Index IN-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 extended access list, overview B-9 F Fast Ethernet LAN interfaces, configuring 1-4 Fast Ethernet WAN interface, configuring 1-5, 3-3 filtering See access lists firewalls access list configuration 8-3, 9-2 applying access lists to interfaces 8-4 applying inspection r [...]
-
Página 159
Index IN-5 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 loopback interface, config uring 1-6 to 1-8 low laten cy queuing See LFQ M meminfo command C -9 metrics RIP B-2 mode configurat ion, applying to crypto m ap 6-5 modes See command modes N NAT configuration example 3-8, 4-9 configuring with PPPoA 4-7 configuring with P[...]
-
Página 160
Index IN-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 protocols ATM B-4 Ethernet B-4 network B-2 network interface B-4 to B-5 PPP authentication B-3 routing overview B-2 to ?? PVC encapsulation types B-5 overview B-5 Q QoS parameters B-7 to B-8 queues, ATM B-8 R radio station subinterf aces, configuring 9-5 remote acces[...]
-
Página 161
Index IN-7 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 troubleshooting co mmands, ATM 12-2 to 12-8 U UDP port numbers D-1 to D-2 undoing commands A-6 upgrading software, methods for 12-8 User Datagram Protocol See UDP user EXEC mode A-2, A-3 V variables, command listing A-4 VC B-5 verify DHCP server configurat ion 5-4 Ea[...]
-
Página 162
Index IN-8 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01[...]