Vai alla pagina of
Manuali d’uso simili
-
Webcam
Cisco Systems ASA 5580
754 pagine 14.68 mb -
Webcam
Cisco Systems CUVAV224BUN
7 pagine 0.18 mb -
Webcam
Cisco Systems CTSPHDS
34 pagine 3.08 mb -
Webcam
Cisco Systems EX60
2 pagine 1.4 mb -
Webcam
Cisco Systems 2960
59 pagine 0.96 mb -
Webcam
Cisco Systems 3560
59 pagine 0.96 mb -
Webcam
Cisco Systems 2950
59 pagine 0.96 mb -
Webcam
Cisco Systems CABHDMIPHD4XS2
34 pagine 3.08 mb
Un buon manuale d’uso
Le regole impongono al rivenditore l'obbligo di fornire all'acquirente, insieme alle merci, il manuale d’uso Cisco Systems 520 series. La mancanza del manuale d’uso o le informazioni errate fornite al consumatore sono la base di una denuncia in caso di inosservanza del dispositivo con il contratto. Secondo la legge, l’inclusione del manuale d’uso in una forma diversa da quella cartacea è permessa, che viene spesso utilizzato recentemente, includendo una forma grafica o elettronica Cisco Systems 520 series o video didattici per gli utenti. La condizione è il suo carattere leggibile e comprensibile.
Che cosa è il manuale d’uso?
La parola deriva dal latino "instructio", cioè organizzare. Così, il manuale d’uso Cisco Systems 520 series descrive le fasi del procedimento. Lo scopo del manuale d’uso è istruire, facilitare lo avviamento, l'uso di attrezzature o l’esecuzione di determinate azioni. Il manuale è una raccolta di informazioni sull'oggetto/servizio, un suggerimento.
Purtroppo, pochi utenti prendono il tempo di leggere il manuale d’uso, e un buono manuale non solo permette di conoscere una serie di funzionalità aggiuntive del dispositivo acquistato, ma anche evitare la maggioranza dei guasti.
Quindi cosa dovrebbe contenere il manuale perfetto?
Innanzitutto, il manuale d’uso Cisco Systems 520 series dovrebbe contenere:
- informazioni sui dati tecnici del dispositivo Cisco Systems 520 series
- nome del fabbricante e anno di fabbricazione Cisco Systems 520 series
- istruzioni per l'uso, la regolazione e la manutenzione delle attrezzature Cisco Systems 520 series
- segnaletica di sicurezza e certificati che confermano la conformità con le norme pertinenti
Perché non leggiamo i manuali d’uso?
Generalmente questo è dovuto alla mancanza di tempo e certezza per quanto riguarda la funzionalità specifica delle attrezzature acquistate. Purtroppo, la connessione e l’avvio Cisco Systems 520 series non sono sufficienti. Questo manuale contiene una serie di linee guida per funzionalità specifiche, la sicurezza, metodi di manutenzione (anche i mezzi che dovrebbero essere usati), eventuali difetti Cisco Systems 520 series e modi per risolvere i problemi più comuni durante l'uso. Infine, il manuale contiene le coordinate del servizio Cisco Systems in assenza dell'efficacia delle soluzioni proposte. Attualmente, i manuali d’uso sotto forma di animazioni interessanti e video didattici che sono migliori che la brochure suscitano un interesse considerevole. Questo tipo di manuale permette all'utente di visualizzare tutto il video didattico senza saltare le specifiche e complicate descrizioni tecniche Cisco Systems 520 series, come nel caso della versione cartacea.
Perché leggere il manuale d’uso?
Prima di tutto, contiene la risposta sulla struttura, le possibilità del dispositivo Cisco Systems 520 series, l'uso di vari accessori ed una serie di informazioni per sfruttare totalmente tutte le caratteristiche e servizi.
Dopo l'acquisto di successo di attrezzature/dispositivo, prendere un momento per familiarizzare con tutte le parti del manuale d'uso Cisco Systems 520 series. Attualmente, sono preparati con cura e tradotti per essere comprensibili non solo per gli utenti, ma per svolgere la loro funzione di base di informazioni e di aiuto.
Sommario del manuale d’uso
-
Pagina 1
Americas Headquarters Cisco Systems, In c. 170 West Tasman Drive San Jose, CA 951 34-1706 USA http://www.ci sco.com Tel: 408 526-4000 800 553-NETS (638 7) Fax: 408 527-0883 Cisco S ecure Router 520 S eries S of tw are Conf iguration Guide Customer Order Number: Text Part Number: OL -14210-01[...]
-
Pagina 2
THE SPECIFICATION S AND INFORMATION RE GARDING THE PR ODUCTS IN THIS MA NUAL ARE SUBJECT T O CHANGE WITHOUT NOTICE. ALL STATEMENTS , INFORMATION, AND RECOMMENDATI ONS IN THI S MANUAL ARE BE LIEVED TO BE A CCURATE BUT ARE PRESENTED WI THOUT WARRANTY OF ANY KIND, EX PRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSI BILITY FOR THEIR APPLICATION OF ANY P[...]
-
Pagina 3
iii Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 CONTENTS Preface ix Objective ix Audience ix Organization x Conventi ons xi Related Documentation xvi Obtaining Documentation and Submitting a Serv ice Request xvii PART 1 Getting Started CHAPTER 1 Basic Router Co nfiguration 1-1 Viewing the De fault Configuration 1-2 Infor[...]
-
Pagina 4
Contents iv Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 PART 2 Configuring Your Router for Ethernet and DSL Access CHAPTER 2 Sample Network Deployments 2-1 CHAPTER 3 Configuring PPP over Ethernet with NAT 3-1 Configure the Virtual Private Dialup Network Group Number 3-2 Configure the Fast Ethernet WAN Interfaces 3-3 Conf[...]
-
Pagina 5
Contents v Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Apply the Crypto Map to the Physic al Interface 6-8 Create an Easy VPN Remote Configuratio n 6-9 Verifying Your Easy VPN Configuratio n 6-10 Configuration Example 6-10 CHAPTER 7 Configuring VPNs Using a n IPsec Tunnel a nd Generic Routing Encapsulation 7-1 Configure [...]
-
Pagina 6
Contents vi Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Guidelines for Creating Access Groups 11-3 Configuring a CBAC Firewall 11-3 Configuring Cisco IOS Firewall IDS 11-4 Configuring VPNs 11-4 CHAPTER 12 Troubleshooting 12-1 Getting Started 12-1 Before Contacting Cisco or Your Reseller 12-1 ADSL Troubleshooting 12-2 ATM[...]
-
Pagina 7
Contents vii Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Saving Configuration Changes A-6 Summary A-7 Where to Go Next A-7 APPENDIX B Concepts B-1 ADSL B-1 Network Protocols B-2 IP B-2 Routing Protocol Options B-2 RIP B-2 PPP Authentication P rotocols B-3 PAP B-3 CHAP B-3 TACACS+ B- 4 Network Interfaces B-4 Ethernet B-4 [...]
-
Pagina 8
Contents viii Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Optional Variables C-4 Using the TFTP Download Command C-5 Configuration Register C-5 Changing th e Configurat ion Register Manually C-6 Changing th e Configuration Register Using Prompts C-6 Console Download C-7 Command Description C-7 Error Reporting C-8 Debug C[...]
-
Pagina 9
ix Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Preface This preface describes the objectiv es, audience, org a nization, and co n ventions of this gui de, and describes related docu ments that ha ve additio nal information. It contains the follo wing sections: • Objecti ve, page ix • Audience, p age ix • Organizati[...]
-
Pagina 10
x Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Preface Organization This guide is or ganized into the follo wing chapters and appendi x. Part 1: Getting Started Chapter 1 , “Basic Router Conf iguration” Describes how to conf igure basic router features and interfaces. Part 2: Configuring Y our Router for Ethernet and [...]
-
Pagina 11
xi Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Preface Conventions This section descri bes the con vention s used in this guide. Note Means reader take note . Notes contain helpful suggestio ns or references to additio nal information and material. Caution This symbol means r eader be careful . In thi s situation, you mi[...]
-
Pagina 12
xii Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Preface Attention IMPORT ANTES INFORMA TIONS DE SÉCURITÉ Ce symbole d'avertissement indique un danger . V ous vous trouvez dans une situation pouvant entraîner des blessures ou des do mmages corporels. A vant de travailler sur un équipement, soyez conscient des dan[...]
-
Pagina 13
xiii Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Preface ¡Advertencia! INSTRUCCIONES IMPORT ANTES DE SEGURIDAD Este símbolo de aviso indica peligro. Existe riesgo para su integridad física. Antes de manipular cualquier equipo, conside re los riesgos de la corriente eléctrica y familiarícese con los procedimientos es[...]
-
Pagina 14
xiv Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Preface Avi so INSTRUÇÕES IMPORT ANTES DE SEGURANÇA Este símbolo de aviso significa perigo. V ocê se encontra em uma situação em que há risco de le sões corporais. Antes de trabalhar com qualquer equipam ento, esteja ciente dos riscos que envolvem os circuitos elé[...]
-
Pagina 15
xv Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Preface[...]
-
Pagina 16
xvi Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Preface Related Documentation The Cisco Secure Router 520 Series pr oduct is shipped wi th a minimal set of printed do cumentation. Additional prod uct documentation is a vailable on Cisco.co m. In addition to the Cisco Secur e Router 520 Series Softwar e Config uration Gui[...]
-
Pagina 17
xvii Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Preface Obtaining Documentation and Submitting a Service Request For info rmation on obtaining documentation, sub mitting a service request, and gatheri ng additional information, see the mont hly What’ s New in Cisco Pr oduct Documentation , which also li sts all ne w a[...]
-
Pagina 18
xviii Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Preface[...]
-
Pagina 19
P ART 1 Get ting Star ted[...]
-
Pagina 20
[...]
-
Pagina 21
CH A P T E R 1-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 1 Basic Router Configuration The Cisco Secure Router 520 Series r outers are designed for small b usinesses with up to 50 users and telew orkers who want secure connect i vity to corporate LANs and to th e Internet. These routers pro vide adv anced security fea[...]
-
Pagina 22
1-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 1 Basic Router Con figuration Viewing the De fault Configuration Viewing the Default Configuration When the router first boots up, some basic confi gurat ion has already been performed. All of the LAN and W AN interfaces have been created, console and VTY ports are [...]
-
Pagina 23
1-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 1 Basic Router Configuration Interface Port Labels – Order the appropriate li ne from your public tele phone service pro vider . Ensure that the ADSL signaling type is DMT (also called AN SI T1.413) or DMT Issue 2. Once you hav e collected the ap propriate informa[...]
-
Pagina 24
1-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 1 Basic Router Con figuration Configuring Basic Parameters Configure Global Parameters Perform these steps to configure select ed gl obal parameters for your rout er: For complete in formation on the global paramet er commands, see the Cisco IOS Release 12.3 documen[...]
-
Pagina 25
1-5 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 1 Basic Router Configuration Configuring Basic Parameters Based on the rou ter you hav e, configure th e W AN interface( s) by usin g one of the follo wing procedures: • Config ure the Fast Eth ernet W AN Interface • Config ure the A TM W AN Interface Configure [...]
-
Pagina 26
1-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 1 Basic Router Con figuration Configuring Basic Parameters Perform these steps to conf igure the A TM interface, beginning in global conf iguration mode: Configure the Wireless Interface The wireless interface enables connection to the rout er through a wireless LAN[...]
-
Pagina 27
1-7 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 1 Basic Router Configuration Configuring Basic Parameters Perform these steps to conf igure a loopback interface, beginni ng in global conf iguration mode: Configuration Example The loopback interf ace in this sample conf iguratio n is used to supp ort Network Ad dr[...]
-
Pagina 28
1-8 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 1 Basic Router Con figuration Configuring Basic Parameters Last clearing of "show interface" counters never Queuing strategy: fifo Output queue 0/0, 0 drops; input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bit[...]
-
Pagina 29
1-9 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 1 Basic Router Configuration Configuring Basic Parameters For complete in formation about the co mmand line commands, see the Cisco IOS Rel ease 12.3 documentation set . Configuration Example The follo wing conf iguration shows th e command-line access commands. Y o[...]
-
Pagina 30
1-10 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 1 Basic Router Con figuration Configuring Static Routes Configuring Static Routes Static routes pro vide fix ed routing paths through the network. Th ey are manually conf igured on the router . If the network topo logy changes, the static ro ute must be updated wit[...]
-
Pagina 31
1-11 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 1 Basic Router Configuration Configuring Dyn amic Routes ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 10.0.0.0/24 is subnetted, 1 subnets C 10.108.1.0 is dire[...]
-
Pagina 32
1-12 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 1 Basic Router Con figuration Configuring Dynamic Routes For complete in formation on the dynamic routi ng commands, see the Cisco IOS Release 12 .3 documentatio n set. For more general in formation on RIP , see Appendix B, “Concepts. ” Configuration Example Th[...]
-
Pagina 33
P ART 2 Conf iguring Y our Router f o r Ethernet and DSL A ccess[...]
-
Pagina 34
[...]
-
Pagina 35
CH A P T E R 2-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 2 Sample Network Deployments This part of the softw are config uration guide presents a v ariety of possible Ethernet and Digital Subscriber Line (DSL)—based networ k conf igurations using the Cisco Secure Router 520 Ser ies router . Each scenario is describe[...]
-
Pagina 36
2-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 2 Sample Network De ployments • Chapter 7, “Configuring VPNs Using an IPsec T u nnel and G eneric Ro uting Encapsu lation” • Chapter 8, “Configu ring a Simple Fire wall”[...]
-
Pagina 37
CH A P T E R 3-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 3 Configuring PPP over Ethernet with NAT The Cisco Secure Router 520 Ethernet-to-Ethernet r outers su pport Point-to-Po int Protocol o ver Ethern et (PPPoE) clients and network address translat ion (N A T). Multiple PCs can be connected to the LAN behind the ro[...]
-
Pagina 38
3-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 3 Configuring PPP over Ethernet with NAT Configure the Vir tual Private Dialup Network Group Number PPPoE The PPPoE Client feature on the router pro vides PPPoE client support on Ethernet interf aces. A dialer interface must be used f or cloning virtual access. Mult[...]
-
Pagina 39
3-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 3 Configuri ng PPP over Ethern et with NAT Configure the Fast Ethern et WAN Interfaces Configure the Fast Ethernet WAN Interfaces In this scenario, the PPPoE client (your Cisco router ) communicates ov er a 10/100 Mbps-Ethernet interface on both t he inside and the [...]
-
Pagina 40
3-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 3 Configuring PPP over Ethernet with NAT Configure the Dialer Interface Configure the Dialer Interface The dialer interface indicates ho w to handle traff i c from the clients, including, for e x ample, def ault routing information, t he encapsulation protocol, and [...]
-
Pagina 41
3-5 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 3 Configuri ng PPP over Ethern et with NAT Configure Network Address Translation Configure Network Address Translation Network Address T r anslation (N A T) tr anslates packets from addresses that match a standard access list, using glob al addresses allocate d by t[...]
-
Pagina 42
3-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 3 Configuring PPP over Ethernet with NAT Configure Netw ork Address Tran slation Perform these steps to configu re the outside Fast Ethernet W AN interf ace with dynamic N A T , beginni ng in global conf iguration mode: Command Purpose Step 1 ip nat pool name start [...]
-
Pagina 43
3-7 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 3 Configuri ng PPP over Ethern et with NAT Configure Network Address Translation Note If you want to use N A T with a virtual-template interf ace, you must conf igure a loopback interf ace. See Chapter 1, “Basic Router Configuration, ” for informat ion on confi [...]
-
Pagina 44
3-8 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 3 Configuring PPP over Ethernet with NAT Configuratio n Example Configuration Example The follo wing conf iguration example sho ws a portion of the configurat ion file for the PPPoE scenario described in th is chapter . The VLAN interface has an IP ad dress of 192.1[...]
-
Pagina 45
3-9 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 3 Configuri ng PPP over Ethern et with NAT Configuration E xample Dynamic mappings: -- Inside Source [Id: 1] access-list 1 interface Dialer0 refcount 0 Queued Packets: 0[...]
-
Pagina 46
3-10 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 3 Configuring PPP over Ethernet with NAT Configuratio n Example[...]
-
Pagina 47
CH A P T E R 4-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 4 Configuring PPP over ATM with NAT The Cisco Secure Router 520 ADSL-ov er-PO TS and Cisco Secure Router 520 ADSL-ov er-ISDN routers support Point-to-Point Protocol o ver Asynchronous T r ansfer Mode (PPPoA) clie nts and network address translation (N A T). Mul[...]
-
Pagina 48
4-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 4 Configu ring PPP over ATM with N AT Configure the Dialer Interface In this scenario, the smal l business or remote user on the F ast Ethernet LAN can connect to an Internet service pro vider (ISP) using the follo wing protocols on the W AN connect ion: • Asymmet[...]
-
Pagina 49
4-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 4 Configuring PPP over ATM with NAT Configure th e Dialer Interface Perform these steps to configure a dialer interface fo r the A TM interface on the ro uter , starting in global confi guration mode: Command Purpose Step 1 interfac e dialer dialer -r otary-gr oup-n[...]
-
Pagina 50
4-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 4 Configu ring PPP over ATM with N AT Configure the Dialer Interface Repeat these steps for any ad ditional dialer interfac es or dialer pools needed. Step 8 exit Example: Router(config-if)# exit Router(config)# Exits the dialer 0 interface configuration. Step 9 dia[...]
-
Pagina 51
4-5 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 4 Configuring PPP over ATM with NAT Configure the ATM WAN Interface Configure the ATM WAN Interface Perform these steps to conf igure the A TM interface, beginning in global conf iguration mode: Command Purpose Step 1 interface type number Example: Router(config)# i[...]
-
Pagina 52
4-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 4 Configu ring PPP over ATM with N AT Configure DSL Signa ling Protocol Configure DSL Signaling Protocol DSL signaling must be conf igured on the A TM interf ace for connection to your ISP . The Cisco Secure Router 520 ADSL-o ver -POTS rou ters support ADSL signal i[...]
-
Pagina 53
4-7 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 4 Configuring PPP over ATM with NAT Configure Network Address Translation Verify the Configuration Y ou can verify t hat the confi guration is set the way yo u want b y using the sho w dsl interface atm command from pri vileged EXEC mode. Configure Network Address T[...]
-
Pagina 54
4-8 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 4 Configu ring PPP over ATM with N AT Configure Netw ork Address Tran slation Step 4 ip nat { inside | outside } Example: Router(config-if)# ip nat inside Router(config-if)# Applies NA T to the Fast Ethernet LAN interface as the inside interf ace. For details ab out[...]
-
Pagina 55
4-9 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 4 Configuring PPP over ATM with NAT Configuration E xample Note If you want to use N A T with a virtual-template interf ace, you must conf igure a loopback interf ace. See Chapter 1, “Basic Router Configuration, ” for informat ion on conf iguring the loopback in[...]
-
Pagina 56
4-10 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 4 Configu ring PPP over ATM with N AT Configuratio n Example ip mtu 1492 encapsulation ppp dialer pool 1 dialer-group 1 ppp authentication chap ! ip classless ( default ) ! ip nat pool pool1 192.168.1.0 192.168.2.0 netmask 0.0.0.255 ip nat inside source list 1 inte[...]
-
Pagina 57
CH A P T E R 5-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 5 Configuring a LAN with DHCP and VLANs The Cisco Secure Router 520 Ser ies routers supp ort clients on both phy sical LANs and virtual LANs (VLANs). The routers can u se the Dynamic Host Conf iguration Protocol (DHCP) to enable auto matic assignment of IP conf[...]
-
Pagina 58
5-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 5 Configu ring a LAN with DHCP and VLANs Configure DHCP Note Whenev er you change server p roperties, you must relo ad the serv er with the configur ation data from the Network Re gistrar database. VLANs The Cisco Secure Router 520 Series rou ters support four F ast[...]
-
Pagina 59
5-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 5 Configuring a LAN with DHCP and VLANs Configure DHCP Step 4 ip dhcp pool name Example: Router(config)# ip dhcp pool dpool1 Router(dhcp-config)# Creates a DHCP address pool on the router and enters DHCP pool conf iguration mode. The name ar gument can be a string o[...]
-
Pagina 60
5-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 5 Configu ring a LAN with DHCP and VLANs Configure DHCP Configuration Example The follo wing conf iguration example sho ws a portion of the confi guration fi le for the DCHP confi guration described in this chapter . ip dhcp excluded-address 192.168.9.0 ! ip dhcp po[...]
-
Pagina 61
5-5 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 5 Configuring a LAN with DHCP and VLANs Configure VLANs Message Sent BOOTREPLY 0 DHCPOFFER 0 DHCPACK 0 DHCPNAK 0 Router# Configure VLANs Perform these steps to conf igure VLANs on your router , beginning in pri vileged EXEC mode: Command Purpose Step 1 vlan database[...]
-
Pagina 62
5-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 5 Configu ring a LAN with DHCP and VLANs Configure VLANs Assign a Switch Port to a VLAN Perform these steps to assign a sw itch port to a VLAN, begi nning in global conf iguration mode: Verify Your VLAN Configuration Use the follo wing commands to vie w your VLAN co[...]
-
Pagina 63
5-7 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 5 Configuring a LAN with DHCP and VLANs Configure VLANs VLAN ISL Id: 3 Name: red-vlan Media Type: Ethernet VLAN 802.10 Id: 100003 State: Operational MTU: 1500 VLAN ISL Id: 1002 Name: fddi-default Media Type: FDDI VLAN 802.10 Id: 101002 State: Operational MTU: 1500 B[...]
-
Pagina 64
5-8 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 5 Configu ring a LAN with DHCP and VLANs Configure VLANs VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------ 1 enet 100001 1500 - - - - - 1002 1003 2 enet 100002 1500 - -[...]
-
Pagina 65
CH A P T E R 6-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel The Cisco Secure Router 520 Ser ies routers support the creation of V irtual Priv ate Networks (VPNs). Cisco routers and other broadband de vices provide high-perfo rmance connections to the Internet , but [...]
-
Pagina 66
6-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel Cisco Easy VPN The Cisco Easy VPN client feature elimin ates much of the tedious conf iguration work b y implementing the Cisco Un ity Client prot ocol. This protoc ol a llo ws most VPN parameters, such as inter[...]
-
Pagina 67
6-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel Configure the I KE Policy Note The procedures in this chap ter assume that you h av e already conf igur ed basic router feat ures as well as PPPoE or PPPoA with N A T , DCHP and VLANs. If you hav e not performe [...]
-
Pagina 68
6-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel Configure Gro up Policy Information Configure Group Policy Information Perform these steps to conf igure the group policy , begin ning in global co nfigur ation mode: Step 5 group { 1 | 2 | 5 } Example: Router(c[...]
-
Pagina 69
6-5 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel Apply Mode Con figur ation to the Crypto Map Apply Mode Configuration to the Crypto Map Perform these steps to apply mode co nfiguratio n to the crypto map, be ginning in global conf iguration mode: Step 4 domai[...]
-
Pagina 70
6-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel Enable Policy Lookup Enable Policy Lookup Perform these steps to enable polic y lookup through AAA, be ginning in global configurati on mode: Configure IPsec Transforms and Protocols A transform set represents a[...]
-
Pagina 71
6-7 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel Configure the IPsec Cryp to Method and Paramete rs Perform these steps to specify the IPsec transform set and protocols, be ginning in global conf iguration mode: Note W ith manually establish ed security associ[...]
-
Pagina 72
6-8 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel Apply the Crypto Ma p to the Phys ical Interface Apply the Crypto Map to the Physical Interface The crypto maps must be applied to each interface through which IP Security (IPsec) traff ic flows. Applying the cr[...]
-
Pagina 73
6-9 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel Create an Easy VPN Remote Configuration Create an Easy VPN Remote Configuration The router acting as the IPsec remote router must create an Easy VPN remote configuration and assign it to the outgoing interf ace.[...]
-
Pagina 74
6-10 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel Verifying Your Easy VPN Configuration Verifying Your Easy VPN Configuration router# show crypto ipsec client ezvpn Tunnel name :ezvpnclient Inside interface list:vlan 1 Outside interface:fastethernet 4 Current [...]
-
Pagina 75
6-11 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel Configuration E xample username Cisco password 0 Cisco ! crypto isakm p policy 1 encryption 3des authentication pre-share group 2 lifetime 480 ! crypto isakmp client configuration group rtr-remote key secret-pa[...]
-
Pagina 76
6-12 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel Configuratio n Example[...]
-
Pagina 77
CH A P T E R 7-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 7 Configuring VPNs Using an IPsec Tunnel and Generic Routing Encapsulation The Cisco Secure Router 520 Ser ies routers support the creation of virtual pr iv ate networks (VPNs). Cisco routers and other broadband de vices provide high-perfo rmance connections to[...]
-
Pagina 78
7-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 7 Configur ing VPNs Using an IP sec Tun nel and Generic Routing E ncapsulation Configure a VPN GRE Tunnels GRE tunnels are typi cally used to establish a VPN be tween t he Cisco router and a remote de vice that controls access to a priv ate ne twork, such as a co rp[...]
-
Pagina 79
7-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 7 Configuring VPNs Using an IPsec Tunnel and Generic Routing Encap sulation Configure a VPN Configure the IKE Policy Perform these steps to conf igure the Internet Ke y Exchange (IKE) policy , beginni ng in global confi guration mode: Command or Action Purpose Step [...]
-
Pagina 80
7-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 7 Configur ing VPNs Using an IP sec Tun nel and Generic Routing E ncapsulation Configure a VPN Configure Group Policy Information Perform these steps to conf igure the group policy , begin ning in global co nfigur ation mode: Command or Action Purpose Step 1 crypto [...]
-
Pagina 81
7-5 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 7 Configuring VPNs Using an IPsec Tunnel and Generic Routing Encap sulation Configure a VPN Enable Policy Lookup Perform these steps to enable polic y lookup through AAA, be ginning in global conf iguration mode: Configure IPsec Transforms and Protocols A transform [...]
-
Pagina 82
7-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 7 Configur ing VPNs Using an IP sec Tun nel and Generic Routing E ncapsulation Configure a VPN Perform these steps to specify the IPsec transform set and protocols, be ginning in global conf iguration mode: Note W ith manually establish ed security association s, th[...]
-
Pagina 83
7-7 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 7 Configuring VPNs Using an IPsec Tunnel and Generic Routing Encap sulation Configure a VPN Apply the Crypto Map to the Physical Interface The crypto maps must be applied to each interface through which IP sec traf fic flo w s. Applying the crypto map to the ph ysic[...]
-
Pagina 84
7-8 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 7 Configur ing VPNs Using an IP sec Tun nel and Generic Routing E ncapsulation Configure a GRE Tunnel Configure a GRE Tunnel Perform these steps to conf igure a GRE tunnel, beginning in glob al conf iguration mode: Step 2 crypto map map-name Example: Router(config-i[...]
-
Pagina 85
7-9 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 7 Configuring VPNs Using an IPsec Tunnel and Generic Routing Encap sulation Configuration E xample Configuration Example The follo wing conf iguration example sho ws a portion of the config uration fi le for a VPN using a GRE tunnel scenario described in the precedi[...]
-
Pagina 86
7-10 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 7 Configur ing VPNs Using an IP sec Tun nel and Generic Routing E ncapsulation Configuratio n Example tunnel source fastethernet 0 tunnel destination interface 192.168.101.1 ip route 20.20.20.0 255.255.255.0 tunnel 1 crypto isakm p policy 1 encryption 3des authenti[...]
-
Pagina 87
7-11 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 7 Configuring VPNs Using an IPsec Tunnel and Generic Routing Encap sulation Configuration E xample ! ! Utilize NAT overload in order to make best use of the ! single address provided by the ISP. ip nat inside source list 102 interface Ethernet1 overload ip classles[...]
-
Pagina 88
7-12 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 7 Configur ing VPNs Using an IP sec Tun nel and Generic Routing E ncapsulation Configuratio n Example[...]
-
Pagina 89
CH A P T E R 8-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 8 Configuring a Simple Firewall The Cisco Secure Router 520 Series routers support network traf fic filtering b y means of access lists. The routers also support packet inspection an d dynamic temporary access lists b y means of Context-Based Access Control (CB[...]
-
Pagina 90
8-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 8 Config uring a Simple Firewall Figure 8-1 sho ws a network deplo yment using PPPoE or PPPoA with N A T and a fire wall. Figur e 8-1 Rout er with Fir ewall Configur ed In the confi guration e xample that follo ws, the fire wall is applied to the outsid e W AN inter[...]
-
Pagina 91
8-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 8 Configuring a Simple Firewall Configure Acce ss Lists Note The procedures in this chap ter assume that you h av e already conf igur ed basic router feat ures as well as PPPoE or PPPoA with N A T . If you hav e not pe rformed these configurations tasks, see Ch apte[...]
-
Pagina 92
8-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 8 Config uring a Simple Firewall Configure Inspection Rules Configure Inspection Rules Perform these steps to confi gure fire wall inspection rule s for all TCP and UDP traff ic, as well as specific application protocols as def ined by the security poli cy , beginni[...]
-
Pagina 93
8-5 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 8 Configuring a Simple Firewall Configuration E xample Configuration Example A telecommuter is granted s ecure access to a corporat e network, using IPsec tunnel ing. Security to the home network is acco mplished through f irewal l inspec tion. The protocols that ar[...]
-
Pagina 94
8-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 8 Config uring a Simple Firewall Configuratio n Example ip nat outside no cdp enable ! ! acl 103 defines traffic allowed from the peer for the IPsec tunnel. access-list 103 permit udp host 200.1.1.1 any eq isakmp access-list 103 permit udp host 200.1.1.1 eq isakmp a[...]
-
Pagina 95
CH A P T E R 9-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 9 Configuring a Wireless LAN Connection The Cisco Secure Router 520 Series routers support a secur e, af fordabl e, and easy-to-use wireless LAN solution that combines mobility and fl exibility with the enterprise-class featur es required by net working profess[...]
-
Pagina 96
9-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 9 Configu ring a Wireless LAN Connectio n Configure the Root Radio Statio n Configuration Tasks Perform the follo wing tasks to configu re this network scenario: • Config ure the Root Radio Station • Config ure Bridging on VLANs • Config ure Radio Station Subi[...]
-
Pagina 97
9-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 9 Configuring a Wireless LAN Connection Configure the Ro ot Radio Station Step 3 encryption method algorithm ke y Example: Router(config-if)# encryption vlan 1 mode ciphers tkip Router(config-if)# Specifies the encrypti on method, algorithm, and ke y used to access [...]
-
Pagina 98
9-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 9 Configu ring a Wireless LAN Connectio n Configure Bridging on VLA Ns Configure Bridging on VLANs Perform these steps to conf igure integrated routing and br idging on VLANs, be ginning in global confi guration mode: Step 10 power [ client | local ] [ cck [ number [...]
-
Pagina 99
9-5 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 9 Configuring a Wireless LAN Connection Configure Radio Station Su binterfaces Repeat Step 2 through Step 6 abov e for each VLAN that requires a wireless inte rface. Configure Radio Station Subinterfaces Perform these steps to configure su binterfaces for each root [...]
-
Pagina 100
9-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 9 Configu ring a Wireless LAN Connectio n Configuratio n Example Repeat these steps to configure more subinterfaces, as needed. Configuration Example The follo wing conf iguration example sho ws a portion of the confi guration fi le for the wireless LAN scenario des[...]
-
Pagina 101
9-7 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 9 Configuring a Wireless LAN Connection Configuration E xample ! encryption vlan 1 mode ciphers tkip ! ssid cisco vlan 1 authentication open wpa-psk ascii 0 cisco123 authentication key-management wpa ! ssid ciscowep vlan 2 authentication open ! ssid ciscowpa vlan 3 [...]
-
Pagina 102
9-8 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 9 Configu ring a Wireless LAN Connectio n Configuratio n Example no ip address bridge-group 3 bridge-group 3 spanning-disabled ! interface BVI1 ip address 10.0.1.1 255.255.255.0 ! interface BVI2 ip address 10.0.2.1 255.255.255.0 ! interface BVI3 ip address 10.0.3.1 [...]
-
Pagina 103
P ART 3 Conf iguring A dditional F eatures and T r oubleshooting[...]
-
Pagina 104
[...]
-
Pagina 105
CH A P T E R 10-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 10 Additional Configuration Options This part of the softw are conf iguration guid e describes addi tional conf iguration options and troubleshooting t ips for the Cisco Secure Router 520 Series routers. The config uration options described i n this part inclu[...]
-
Pagina 106
10-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 10 Additional Configuration Options[...]
-
Pagina 107
CH A P T E R 11-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 11 Configuring Security Features This chapter gi ves an ov erview of authentication, au thorization, and accounting ( AAA), the primary Cisco frame work for implementing selected securi ty features that can be conf igured on the Cisco Secure Router 520 Series [...]
-
Pagina 108
11-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 11 Configur ing Security Features Configuring AutoSecure For info rmation about confi guring AAA services and suppo rted security protocols, see the follo wing sections of the Cisco IOS Security Configuration Guide : • Config uring Authentication • Conf iguring[...]
-
Pagina 109
11-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 11 Configuring Security Featur es Configuring a CBAC Firewall Access Groups A sequence of access list def initions bound together with a common name or number is called an access group. An access group is enabled for an interface during interface configur ation wit[...]
-
Pagina 110
11-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 11 Configur ing Security Features Configuring Cisco IOS Firewall IDS Configuring Cisco IOS Firewall IDS Cisco IOS Fire wall Intrusion Detecti on System (IDS ) technolog y enhances perimeter fire wall protection by taking appropriate action on pack ets and flo ws th[...]
-
Pagina 111
CH A P T E R 12-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 12 Troubleshooting Use the information in this chapter to help isolate problems you might encounter or to rule out the router as the source of a problem. This ch apter contains the following sections: • Getting Started • Before Contacting Cisco or Y our Re[...]
-
Pagina 112
12-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 12 Troublesho oting ADSL Troublesho oting ADSL Troubleshooting If you e xperience trouble with the ADSL connection, v erify the follo wing: • The ADSL line is connected and i s using pins 3 and 4. F or more information on the ADSL connection, see the hardw are gu[...]
-
Pagina 113
12-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 12 Troub leshooting ATM Troubleshoo ting Commands This command sends end-to-end O AM F5 packets, which are echoed back by the aggregator . show interface Command Use the show int erface command to display the status of all physical ports (Et hernet and A TM) and lo[...]
-
Pagina 114
12-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 12 Troublesho oting ATM Troubleshooting Co mmands Ta b l e 12-1 describes possible command ou tput for the sho w interface command. Ta b l e 12-1 show int erf ace Command Output Descri ption Output Cause For A TM Interfac es A TM 0 is up, line protocol is up The A [...]
-
Pagina 115
12-5 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 12 Troub leshooting ATM Troubleshoo ting Commands show atm interface Command T o display A TM-specifi c information about an A TM interface, use the show atm interface atm 0 command from pri vileged EXEC mode, as sh ow n in Example 12-3 . Example 12-3 Viewing Infor[...]
-
Pagina 116
12-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 12 Troublesho oting ATM Troubleshooting Co mmands • T o disable debu gging, enter the undeb ug all command. • To u s e deb ug commands during a T elnet session on your r outer , enter the terminal monitor command. Caution Debug ging is assigned a high priority [...]
-
Pagina 117
12-7 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 12 Troub leshooting ATM Troubleshoo ting Commands 00:03:00: DSL: 1: Modem state = 0x8 00:03:02: DSL: 2: Modem state = 0x10 00:03:05: DSL: 3: Modem state = 0x10 00:03:07: DSL: 4: Modem state = 0x10 00:03:09: DSL: Received response: 0x24 00:03:09: DSL: Showtime! 00:0[...]
-
Pagina 118
12-8 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 12 Troublesho oting Software Upgrad e Methods Example 12-7 sho w s sample output for the deb ug atm packet co mmand. Example 12-7 Viewing A TM Pac k et Processing Router# debug atm packet Router# 01:23:48:ATM0(O): VCD:0x1 VPI:0x1 VCI:0x64 DM:0x0 SAP:AAAA CTL:03 OUI[...]
-
Pagina 119
12-9 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 12 Troub leshooting Recovering a Lost Password Recovering a Lost Password T o recov er a lost enable or lost enable-secret passw ord: 1. Change the Configuration Re gister 2. Reset the Router 3. Reset the Passw ord and Sav e Y our Changes (for lost enable s ecret p[...]
-
Pagina 120
12-10 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 12 Troublesho oting Recovering a Lost Pa ssword Cisco SR520W-ADSL (MPC8272) processor (revision 0x100) with 118784K/12288K bytes of memory. Processor board ID FOC09171CB7 MPC8272 CPU Rev: Part Number 0xC, Mask Number 0x10 4 FastEthernet interfaces 1 ATM interface [...]
-
Pagina 121
12-11 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 12 Troub leshooting Recovering a Lost Password Step 7 Enter the enable command to enter enable mode. Conf iguration changes can be made only in en able mode: Router> enable The prompt changes to the pri vileged EXEC prompt: Router# Step 8 Enter the show startup[...]
-
Pagina 122
12-12 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Chapter 12 Troublesho oting Recovering a Lost Pa ssword Step 3 Enter exit to e xit configuratio n mode: Router(config)# exit Note T o return to the conf iguration being used before you recov ered the lost enable password, do not sav e the configuration ch anges before reb[...]
-
Pagina 123
P ART 4 Reference Inf ormation[...]
-
Pagina 124
[...]
-
Pagina 125
A-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 APPENDIX A Cisco IOS Software Basic Skills Understanding ho w to use Cisco IOS software can sa ve you time when you are conf iguring your router . If you need a refresher , take a fe w minutes to read this appendix. This appendix contain s the follo wing sections: • Confi[...]
-
Pagina 126
A-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix A Cisco IOS Software Basic Skills Understandi ng Command Mode s Y ou can use the terminal emulation software to change settings for the type of de vice that is connected to the PC, in this case a rout er . Config ure the software to the follo wing standard VT -100 [...]
-
Pagina 127
A-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix A Cisc o IOS Software Basic Skills Understanding Command Mode s Ta b l e A -2 Command Modes Summary Mode Access Method Prompt Exit and Entrance Method About This Mode User EXEC Begin a session with your router . Router> T o exit a router session, enter the logou[...]
-
Pagina 128
A-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix A Cisco IOS Software Basic Skills Getting Help Getting Help Y ou can use the qu estion mark (?) a nd ar ro w ke ys to help you enter commands. For a list of a vailable commands at th at command mode, enter a questi on mark: Router> ? access-enable Create a tempo[...]
-
Pagina 129
A-5 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix A Cisc o IOS Software Basic Skills Entering Glob al Configuration Mode Y ou can use two commands to do this: • enable secret password —A v ery secure, encrypted p assword • enable password —A less secure, unencrypted local password Both the enable and enabl[...]
-
Pagina 130
A-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix A Cisco IOS Software Basic Skills Saving Configu ration Changes Abbreviating Commands Y ou only ha ve to enter enough ch aracters for the router to reco gnize the command as unique. This example sho ws how to enter the show versi on command: Router # sh v Undoing C[...]
-
Pagina 131
A-7 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix A Cisc o IOS Software Basic Skills Summary Press Return to accept the default destination filename startup- conf ig , or enter your desired destination filename and p ress Return . It might take a minute or two to sa ve the conf iguration to NVRAM. Af ter the conf [...]
-
Pagina 132
A-8 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix A Cisco IOS Software Basic Skills Where to Go Next[...]
-
Pagina 133
B-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 APPENDIX B Concepts This appendix contains conceptual information that may be useful to In ternet service providers or network admin istrators when the y configure Cisco ro uters. T o revie w some typical network scenarios, see Chapter 2, “Sample Ne twork Deplo yments. ?[...]
-
Pagina 134
B-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix B Concepts Network Pro tocols Network Protocols Network protoco ls enable the network to pass data fro m its source to a specif ic destination ov er LAN or W AN links. Routing address tables are included in the networ k protocols to pro vide the best path for movin[...]
-
Pagina 135
B-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix B Concepts PPP Authentication Protocols PPP Authentication Protocols The Point-to-Point Pr otocol (PPP) encapsulates netwo rk layer protocol informat ion ov er point-to-point li nks. PPP originally emerged as an encapsula tion prot ocol for transporting IP traf fi [...]
-
Pagina 136
B-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix B Concepts TACACS+ Note W e recommend us ing CHAP because it is th e more secure of the two protocols. TACACS+ Cisco Secure Router 520 Ser ies routers supp ort the T erminal Access Controller Access Control System Plus (T ACA CS+) protocol through T elnet. T A CACS[...]
-
Pagina 137
B-5 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix B Concepts NAT PVC A PVC is a connection between remote hosts and ro uters. A PVC is establi shed for each A TM end node with which the router communicate s. The characteristi cs of the PVC that are established when it is created are set by the A TM adaptation laye[...]
-
Pagina 138
B-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix B Concepts Easy IP (Phase 1) T r anslations can be static or dynamic. A static address translation establishes a one-to-one mapping between t he inside network an d the outsid e domain. Dyna mic address tran slations are de f ined by describing the local addresses [...]
-
Pagina 139
B-7 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix B Concepts QoS QoS This section descri bes Quality of Service (QoS) parameter s, including the follo wing: • IP Precedence • PPP Fragmentation and Interlea ving • CBWFQ • RSVP • Lo w Latency Queuing QoS refers to the capability of a netw ork to prov ide b[...]
-
Pagina 140
B-8 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix B Concepts QoS In general, multilink PPP wi th interlea ving is used in conjunc tion with CBWFQ and RSVP or IP Precedence to ensure voice packet deli very . Use mu ltilink PPP with interleaving and CBW FQ to def i ne ho w data is managed; use Resource Reserv ation [...]
-
Pagina 141
B-9 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix B Concepts Access Lists Access Lists W ith basic standard and static e xtended access lists, you can approximate session f iltering by using the established ke yword with the permit command. The establis hed ke yword f ilters TCP packets based on whether the A CK o[...]
-
Pagina 142
B-10 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix B Concepts Access Lists[...]
-
Pagina 143
C-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 APPENDIX C ROM Monitor The R OM monitor firmware runs when the rout er is po we red up or reset. The f irmware helps to initialize the processor hardware an d boot the operating sy stem sof tware. Y ou can use the R OM monitor to perform certain conf iguration tasks, such a[...]
-
Pagina 144
C-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix C ROM Monitor ROM Monitor Commands T imesaver Break (system interrupt) is alw ays enabled for 60 second s after the rout er reboots, re gardless of whether it is set to on or of f in the configurat ion register . During this 60-second windo w , you can break to the[...]
-
Pagina 145
C-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix C ROM Monitor Command Descriptions Commands are case sensitiv e. Y ou can halt any comma nd by pressing the Break key on a terminal. If you are using a PC, most terminal emu lation programs halt a com mand when you press the Ctrl and the Break ke ys at the same tim[...]
-
Pagina 146
C-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix C ROM Monitor Disaster Recover y with TFTP Down load TFTP Download Command Variables This section describes the syst em v ariables that can be set in R OM monitor mode and that are used during the TFTP download process. The re are both required variables an d optio[...]
-
Pagina 147
C-5 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix C ROM Monitor Configuration Register Using the TFTP Download Command Perform these steps in R OM monitor mode to downl oad a file throu gh TFTP: Step 1 Use the appropriate commands t o enter all the required v ariables and any optional v ariables described in prece[...]
-
Pagina 148
C-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix C ROM Monitor Configuratio n Register Changing the Configuration Register Manually T o change the virtual conf iguration register fro m the R OM monitor manually , enter the confreg command follo wed by the new v alue of the regi ster in he xadecimal format, as sho[...]
-
Pagina 149
C-7 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix C ROM Monitor Console Download Console Download Y ou can use cons ole do wnload, a R OM monitor functio n, to do w nload either a software image or a confi guration file o ver the router console por t. After download, the f ile is either saved to the mini -flash me[...]
-
Pagina 150
C-8 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix C ROM Monitor Debug Command s Error Reporting Because the R OM monitor console download uses the co nsole to perform the data transfer , when an error occurs during a data transfer, error messages are only displayed on the console once the data transfer is terminat[...]
-
Pagina 151
C-9 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix C ROM Monitor Exiting the ROM Monitor FP: 0x80005f9c, PC: 0x80008118 FP: 0x80005fac, PC: 0x80008064 FP: 0x80005fc4, PC: 0xfff03d70 FP: 0x80005ffc, PC: 0x00000000 FP: 0x00000000, PC: 0x00000000 • meminfo —Displays size in bytes, starti ng address, av ailable ran[...]
-
Pagina 152
C-10 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix C ROM Monitor Exiting the ROM Monitor[...]
-
Pagina 153
D-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 APPENDIX D Common Port Assignments Ta b l e D-1 lists currently assign ed T ransmission Cont rol Protocol (TCP) port number s. T o the extent possible, the User Datagram Protocol (UDP) uses the same numbers. Ta b l e D-1 TCP P ort Numbers Port Keyword Description 0 — Rese[...]
-
Pagina 154
D-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Appendix D Common Po rt Assignments 75 — Any pri vate dial-out service 77 — Any pri vate RJE service 79 FINGER Finger 95 SUPDUP SUPDUP Protocol 101 HOST N AME Network interface card (NIC) hostname server 102 ISO-TSAP ISO-Transport Service Access Point ( TSAP) 103 X400 X[...]
-
Pagina 155
IN-1 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 INDEX Symbols -? command C-3 ? command A-4, C-3 A AAL B-5 AAL3/4 B-5 AAL5 B-5 abbreviating commands A-6 access groups 11-3 access lists applying to interfaces 8-4 configuration comman ds 11-2 configuring for firewalls 8-3, 9-2 description B-9 ACK bits B-9 Address Resolutio[...]
-
Pagina 156
Index IN-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 configuration example 1-9 configuring 1-8 command modes A-2 to A-4 commands -? C-3 ? A-4 abbreviating A-6 access list 11-2 ATM troubleshooting 12-2 to 12-8 b C-3 b flash C-3 boot C-3 completing A-4 confreg C-6 context C-8 copy running-co nfig startup-config A-6 copy [...]
-
Pagina 157
Index IN-3 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Fast Ethernet LAN interfaces 1-4 Fast Ethernet WA N interface 1-5 firewall 8-1 to 8-6 global parameters 1-4 GRE tunnel 7-8 group policy 6-4, 7-4 IKE policy 6-3, 7-3 inspection rules for firewalls 8-4 IPsec tunnel 6-1 loopback interface 1-6 to 1-8 NAT 4-7 PPPoE with N[...]
-
Pagina 158
Index IN-4 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 extended access list, overview B-9 F Fast Ethernet LAN interfaces, configuring 1-4 Fast Ethernet WAN interface, configuring 1-5, 3-3 filtering See access lists firewalls access list configuration 8-3, 9-2 applying access lists to interfaces 8-4 applying inspection r [...]
-
Pagina 159
Index IN-5 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 loopback interface, config uring 1-6 to 1-8 low laten cy queuing See LFQ M meminfo command C -9 metrics RIP B-2 mode configurat ion, applying to crypto m ap 6-5 modes See command modes N NAT configuration example 3-8, 4-9 configuring with PPPoA 4-7 configuring with P[...]
-
Pagina 160
Index IN-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 protocols ATM B-4 Ethernet B-4 network B-2 network interface B-4 to B-5 PPP authentication B-3 routing overview B-2 to ?? PVC encapsulation types B-5 overview B-5 Q QoS parameters B-7 to B-8 queues, ATM B-8 R radio station subinterf aces, configuring 9-5 remote acces[...]
-
Pagina 161
Index IN-7 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 troubleshooting co mmands, ATM 12-2 to 12-8 U UDP port numbers D-1 to D-2 undoing commands A-6 upgrading software, methods for 12-8 User Datagram Protocol See UDP user EXEC mode A-2, A-3 V variables, command listing A-4 VC B-5 verify DHCP server configurat ion 5-4 Ea[...]
-
Pagina 162
Index IN-8 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01[...]