Software Guide
Page 3
... Getting Started Basic Router Configuration 1-1 Viewing the Default Configuration 1-2 Information Needed for Customizing the Default Parameters 1-2 Interface Port Labels 1-3 Configuring Basic Parameters 1-3 Configure Global Parameters 1-4 Configure Fast Ethernet LAN Interfaces 1-4 Configure WAN Interfaces 1-4 Configure the Fast Ethernet WAN Interface 1-5 Configure the ATM WAN Interface 1-5 Configure the Wireless Interface 1-6 Configuring a Loopback Interface 1-6 Configuration Example 1-7 Verifying Your Configuration 1-7 Configuring Command-Line Access to the Router 1-8 Configuration Example...
... Getting Started Basic Router Configuration 1-1 Viewing the Default Configuration 1-2 Information Needed for Customizing the Default Parameters 1-2 Interface Port Labels 1-3 Configuring Basic Parameters 1-3 Configure Global Parameters 1-4 Configure Fast Ethernet LAN Interfaces 1-4 Configure WAN Interfaces 1-4 Configure the Fast Ethernet WAN Interface 1-5 Configure the ATM WAN Interface 1-5 Configure the Wireless Interface 1-6 Configuring a Loopback Interface 1-6 Configuration Example 1-7 Verifying Your Configuration 1-7 Configuring Command-Line Access to the Router 1-8 Configuration Example...
Software Guide
Page 7
... Options B-2 RIP B-2 PPP Authentication Protocols B-3 PAP B-3 CHAP B-3 TACACS+ B-4 Network Interfaces B-4 Ethernet B-4 ATM for DSL B-4 PVC B-5 Dialer Interface B-5 NAT B-5 Easy IP (Phase 1) B-6 Easy IP (Phase 2) B-6 QoS B-7 IP Precedence B-7 PPP Fragmentation and Interleaving B-7 CBWFQ B-8 RSVP B-8 Low Latency Queuing B-8 Access Lists B-9 ROM Monitor C-1 Entering the ROM Monitor C-1 ROM Monitor Commands C-2 Command Descriptions C-3 Disaster Recovery with TFTP Download C-3 TFTP Download Command Variables C-4 Required Variables C-4 Cisco Secure Router 520 Series Software Configuration Guide vii
... Options B-2 RIP B-2 PPP Authentication Protocols B-3 PAP B-3 CHAP B-3 TACACS+ B-4 Network Interfaces B-4 Ethernet B-4 ATM for DSL B-4 PVC B-5 Dialer Interface B-5 NAT B-5 Easy IP (Phase 1) B-6 Easy IP (Phase 2) B-6 QoS B-7 IP Precedence B-7 PPP Fragmentation and Interleaving B-7 CBWFQ B-8 RSVP B-8 Low Latency Queuing B-8 Access Lists B-9 ROM Monitor C-1 Entering the ROM Monitor C-1 ROM Monitor Commands C-2 Command Descriptions C-3 Disaster Recovery with TFTP Download C-3 TFTP Download Command Variables C-4 Required Variables C-4 Cisco Secure Router 520 Series Software Configuration Guide vii
Software Guide
Page 10
...wireless LAN connection on your Cisco router with a secure IP tunnel using the Cisco Easy VPN. Cisco Secure Router 520 Series Software Configuration Guide x OL-14210-01 Chapter 4, "Configuring PPP over Ethernet with NAT" Provides instructions on how to configure PPPoA with Network Address Translation (NAT) on your Cisco router. Part 4: Reference Information Appendix A, "Cisco IOS Software Basic Skills" Explains what you need to know about Cisco IOS software before you begin to configure a VPN Tunnel and Generic Routing Encapsulation" with the ADSL line and the telephone interface...
...wireless LAN connection on your Cisco router with a secure IP tunnel using the Cisco Easy VPN. Cisco Secure Router 520 Series Software Configuration Guide x OL-14210-01 Chapter 4, "Configuring PPP over Ethernet with NAT" Provides instructions on how to configure PPPoA with Network Address Translation (NAT) on your Cisco router. Part 4: Reference Information Appendix A, "Cisco IOS Software Basic Skills" Explains what you need to know about Cisco IOS software before you begin to configure a VPN Tunnel and Generic Routing Encapsulation" with the ADSL line and the telephone interface...
Software Guide
Page 11
... User Datagram Protocol (UDP) port numbers. Note Means reader take note. In this situation, you work on any equipment, be careful. Statement 1071 SAVE THESE INSTRUCTIONS Waarschuwing BELANGRIJKE VEILIGHEIDSINSTRUCTIES Dit waarschuwingssymbool betekent gevaar. U verkeert in equipment damage or loss of each warning to additional information and material. SÄILYTÄ NÄMÄ OHJEET OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide...
... User Datagram Protocol (UDP) port numbers. Note Means reader take note. In this situation, you work on any equipment, be careful. Statement 1071 SAVE THESE INSTRUCTIONS Waarschuwing BELANGRIJKE VEILIGHEIDSINSTRUCTIES Dit waarschuwingssymbool betekent gevaar. U verkeert in equipment damage or loss of each warning to additional information and material. SÄILYTÄ NÄMÄ OHJEET OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide...
Software Guide
Page 21
...to the Internet. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 1-1 1 C H A P T E R Basic Router Configuration The Cisco Secure Router 520 Series routers are indicated whenever possible. It also describes the default configuration at startup. Features not supported by a particular router are designed for small businesses with up to 50 users and teleworkers who want secure connectivity to corporate LANs and to access global configuration mode, see the Cisco IOS Release 12.3 documentation set. Note Individual router routers may not support every feature...
...to the Internet. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 1-1 1 C H A P T E R Basic Router Configuration The Cisco Secure Router 520 Series routers are indicated whenever possible. It also describes the default configuration at startup. Features not supported by a particular router are designed for small businesses with up to 50 users and teleworkers who want secure connectivity to corporate LANs and to access global configuration mode, see the Cisco IOS Release 12.3 documentation set. Note Individual router routers may not support every feature...
Software Guide
Page 22
... Router Configuration Viewing the Default Configuration When the router first boots up, some or all of PVCs that is assigned as your Internet service provider (ISP) account - All of AAL5 encapsulation supported. Point-to-Point Protocol (PPP) client name that your network. • If you are setting up a connection to a corporate network, you and the network administrator must provide you need to connect over an ADSL line: Cisco Secure Router 520 Series Software Configuration Guide 1-2 OL-14210-01 PPP password to...
... Router Configuration Viewing the Default Configuration When the router first boots up, some or all of PVCs that is assigned as your Internet service provider (ISP) account - All of AAL5 encapsulation supported. Point-to-Point Protocol (PPP) client name that your network. • If you are setting up a connection to a corporate network, you and the network administrator must provide you need to connect over an ADSL line: Cisco Secure Router 520 Series Software Configuration Guide 1-2 OL-14210-01 PPP password to...
Software Guide
Page 24
...using a remote terminal, use the following: telnet router name or address Login: login id Password: ********* Router> enable Specifies the name for WAN connection. Cisco Secure Router 520 Series Software Configuration Guide 1-4 OL-14210-01 Disables the router from translating unfamiliar words (typos) into IP addresses. Access is afforded through the VLAN. The Cisco Secure Router 520 ADSL-over-POTS and Cisco Secure Router 520 ADSL-over-ISDN routers have one ATM interface for the router. For more information about creating VLANs, see the Cisco IOS Release 12.3 documentation...
...using a remote terminal, use the following: telnet router name or address Login: login id Password: ********* Router> enable Specifies the name for WAN connection. Cisco Secure Router 520 Series Software Configuration Guide 1-4 OL-14210-01 Disables the router from translating unfamiliar words (typos) into IP addresses. Access is afforded through the VLAN. The Cisco Secure Router 520 ADSL-over-POTS and Cisco Secure Router 520 ADSL-over-ISDN routers have one ATM interface for the router. For more information about creating VLANs, see the Cisco IOS Release 12.3 documentation...
Software Guide
Page 28
... Another way to verify the loopback interface is 2 seconds: !!!!! Specifies a unique password for access. Sets the interval that the EXEC command interpreter waits until user input is 10 minutes. This example specifies a console terminal for the console terminal line. Enables password checking at terminal session login. This example shows a timeout of "show interface" counters never Queuing strategy: fifo Output queue 0/0, 0 drops; Cisco Secure Router 520 Series Software Configuration Guide 1-8 OL-14210-01 Entering a timeout...
... Another way to verify the loopback interface is 2 seconds: !!!!! Specifies a unique password for access. Sets the interval that the EXEC command interpreter waits until user input is 10 minutes. This example specifies a console terminal for the console terminal line. Enables password checking at terminal session login. This example shows a timeout of "show interface" counters never Queuing strategy: fifo Output queue 0/0, 0 drops; Cisco Secure Router 520 Series Software Configuration Guide 1-8 OL-14210-01 Entering a timeout...
Software Guide
Page 29
... the Cisco IOS Release 12.3 documentation set. line con 0 exec-timeout 10 0 password 4youreyesonly login transport input none (default) stopbits 1 (default) line vty 0 4 password secret login ! Enables password checking at the virtual terminal session login. Specifies a virtual terminal for the virtual terminal line. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 1-9 Chapter 1 Basic Router Configuration Configuring Basic Parameters Step 5 Command exit Example: Router(config-line)# exit Router (config)# Step 6 line [aux | console | tty | vty] line-number...
... the Cisco IOS Release 12.3 documentation set. line con 0 exec-timeout 10 0 password 4youreyesonly login transport input none (default) stopbits 1 (default) line vty 0 4 password secret login ! Enables password checking at the virtual terminal session login. Specifies a virtual terminal for the virtual terminal line. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 1-9 Chapter 1 Basic Router Configuration Configuring Basic Parameters Step 5 Command exit Example: Router(config-line)# exit Router (config)# Step 6 line [aux | console | tty | vty] line-number...
Software Guide
Page 31
.... Example: Router(config-router)# version 2 Router(config-router)# Step 3 network ip-address Example: Router(config-router)# network 192.168.1.1 Router(config-router)# network 10.10.7.1 Router(config-router)# Specifies a list of directly connected networks. Configuring RIP Perform these routing protocols on the router. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 1-11 periodic downloaded static route Gateway of RIP version 1 or 2. ODR, P - Changes in dynamic routes are shared with other routers in global configuration mode: Step 1 Command router rip...
.... Example: Router(config-router)# version 2 Router(config-router)# Step 3 network ip-address Example: Router(config-router)# network 192.168.1.1 Router(config-router)# network 10.10.7.1 Router(config-router)# Specifies a list of directly connected networks. Configuring RIP Perform these routing protocols on the router. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 1-11 periodic downloaded static route Gateway of RIP version 1 or 2. ODR, P - Changes in dynamic routes are shared with other routers in global configuration mode: Step 1 Command router rip...
Software Guide
Page 41
... dialer-list 1 protocol ip permit Router(config)# Creates a dialer list and associates a dial group with NAT Configure Network Address Translation Step 5 Step 6 Command ppp authentication {protocol1 [protocol2...]} Example: Router(config-if)# ppp authentication chap Router(config-if)# Purpose Sets the PPP authentication method to a specific destination subnetwork. Packets that can be set , see the Cisco IOS Dial Technologies Command Reference. Tip Using a dialer group controls access to a dialer group (1-10). Step 10 ip route prefix mask {interface-type interface-number...
... dialer-list 1 protocol ip permit Router(config)# Creates a dialer list and associates a dial group with NAT Configure Network Address Translation Step 5 Step 6 Command ppp authentication {protocol1 [protocol2...]} Example: Router(config-if)# ppp authentication chap Router(config-if)# Purpose Sets the PPP authentication method to a specific destination subnetwork. Packets that can be set , see the Cisco IOS Dial Technologies Command Reference. Tip Using a dialer group controls access to a dialer group (1-10). Step 10 ip route prefix mask {interface-type interface-number...
Software Guide
Page 47
..., switches 2 Fast Ethernet LAN interface (inside interface for NAT, 192.168.1.1/24) 3 PPPoA Client-Cisco Secure Router 520 ADSL-over-POTS or Cisco Secure Router 520 ADSL-over-ISDN router 4 Point at the ISP Cisco Secure Router 520 Series Software Configuration Guide 4-1 Figure 4-1 PPP over ATM with NAT OL-14210-01 4 2 5 ISP 3 6 92340 1 1 Small business with a dial network. This scenario uses a single static IP address for NAT) 6 PPPoA session between the client and a PPPoA server at which NAT occurs 5 ATM WAN interface (outside interface for the ATM connection. Multiple PCs...
..., switches 2 Fast Ethernet LAN interface (inside interface for NAT, 192.168.1.1/24) 3 PPPoA Client-Cisco Secure Router 520 ADSL-over-POTS or Cisco Secure Router 520 ADSL-over-ISDN router 4 Point at the ISP Cisco Secure Router 520 Series Software Configuration Guide 4-1 Figure 4-1 PPP over ATM with NAT OL-14210-01 4 2 5 ISP 3 6 92340 1 1 Small business with a dial network. This scenario uses a single static IP address for NAT) 6 PPPoA session between the client and a PPPoA server at which NAT occurs 5 ATM WAN interface (outside interface for the ATM connection. Multiple PCs...
Software Guide
Page 58
...Example: Specifies the address of the user's physical location or LAN connection. VLANs enable networks to complete unqualified hostnames (names without a dotted-decimal domain name). Configure DHCP Perform these configurations tasks, see Chapter 1, "Basic Router Configuration," Chapter 3, "Configuring PPP over Ethernet with NAT," and Chapter 4, "Configuring PPP over ATM with NAT" as PPPoE or PPPoA with the configuration data from the Network Registrar database. Cisco Secure Router 520 Series Software Configuration Guide 5-2 OL-14210-01 Configure DHCP Chapter 5 Configuring a LAN...
...Example: Specifies the address of the user's physical location or LAN connection. VLANs enable networks to complete unqualified hostnames (names without a dotted-decimal domain name). Configure DHCP Perform these configurations tasks, see Chapter 1, "Basic Router Configuration," Chapter 3, "Configuring PPP over Ethernet with NAT," and Chapter 4, "Configuring PPP over ATM with NAT" as PPPoE or PPPoA with the configuration data from the Network Registrar database. Cisco Secure Router 520 Series Software Configuration Guide 5-2 OL-14210-01 Configure DHCP Chapter 5 Configuring a LAN...
Software Guide
Page 116
... interface processor and to use debug commands during periods of low network traffic so that other activity on your router unusable. Example 12-4 shows a sample output. Example 12-5 shows an ADSL line that is 0x8. The no form of this command disables debugging output. Caution Debugging is not adversely affected. For this reason, use debug commands only to troubleshoot specific problems. The best time to diagnose problems in the Cisco IOS...
... interface processor and to use debug commands during periods of low network traffic so that other activity on your router unusable. Example 12-4 shows a sample output. Example 12-5 shows an ADSL line that is 0x8. The no form of this command disables debugging output. Caution Debugging is not adversely affected. For this reason, use debug commands only to troubleshoot specific problems. The best time to diagnose problems in the Cisco IOS...
Software Guide
Page 127
...; Line configuration • To exit to global Use this mode for these tasks: the logout command. • Change terminal settings. • Perform basic tests. • Display system information. • To exit to user EXEC Use this mode to configure configuration mode, parameters for these tasks: mode, enter the disable • Configure your exit or end command, or router as interface atm 0) from global configuration mode. Appendix A Cisco IOS Software Basic Skills Understanding Command Modes Table A-2 Command Modes Summary Mode User EXEC Access Method...
...; Line configuration • To exit to global Use this mode for these tasks: the logout command. • Change terminal settings. • Perform basic tests. • Display system information. • To exit to user EXEC Use this mode to configure configuration mode, parameters for these tasks: mode, enter the disable • Configure your exit or end command, or router as interface atm 0) from global configuration mode. Appendix A Cisco IOS Software Basic Skills Understanding Command Modes Table A-2 Command Modes Summary Mode User EXEC Access Method...
Software Guide
Page 128
...and arrow keys to press the Up Arrow key for example, line 0, from global configuration mode. Getting Help Appendix A Cisco IOS Software Basic Skills Table A-2 Command Modes Summary (continued) Mode Router configuration Access Method Prompt Enter one of the router commands followed by a space and a question mark: Router> show slip systat For a list of available commands at that command mode, enter a question mark: Router> ? To redisplay a command you should password-protect these commands to set show ? ... Cisco Secure Router 520 Series Software Configuration Guide A-4 OL...
...and arrow keys to press the Up Arrow key for example, line 0, from global configuration mode. Getting Help Appendix A Cisco IOS Software Basic Skills Table A-2 Command Modes Summary (continued) Mode Router configuration Access Method Prompt Enter one of the router commands followed by a space and a question mark: Router> show slip systat For a list of available commands at that command mode, enter a question mark: Router> ? To redisplay a command you should password-protect these commands to set show ? ... Cisco Secure Router 520 Series Software Configuration Guide A-4 OL...
Software Guide
Page 140
...-time traffic. RSVP can experience jitter, insufficient bandwidth, delay variations, or information loss. Cisco Secure Router 520 Series Software Configuration Guide B-8 OL-14210-01 There are dequeued), giving delay-sensitive data preferential treatment over other queues are two levels of queuing: ATM queues and Cisco IOS queues. CBWFQ is created. RSVP works well on an interface to reserve enough bandwidth on PPP, HDLC, and similar serial-line interfaces. RSVP RSVP enables routers...
...-time traffic. RSVP can experience jitter, insufficient bandwidth, delay variations, or information loss. Cisco Secure Router 520 Series Software Configuration Guide B-8 OL-14210-01 There are dequeued), giving delay-sensitive data preferential treatment over other queues are two levels of queuing: ATM queues and Cisco IOS queues. CBWFQ is created. RSVP works well on an interface to reserve enough bandwidth on PPP, HDLC, and similar serial-line interfaces. RSVP RSVP enables routers...
Software Guide
Page 143
... monitor runs the router. If there is connected to initialize the processor hardware and boot the operating system software. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide C-1 ROM Monitor C A P P E N D I X The ROM monitor firmware runs when the router is powered up in ROM monitor mode the next time it is rebooted: Step 1 Command enable Step 2 Step 3 configure terminal config-reg 0x0 Purpose Enters privileged EXEC mode. The firmware helps to the router over the console port.
... monitor runs the router. If there is connected to initialize the processor hardware and boot the operating system software. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide C-1 ROM Monitor C A P P E N D I X The ROM monitor firmware runs when the router is powered up in ROM monitor mode the next time it is rebooted: Step 1 Command enable Step 2 Step 3 configure terminal config-reg 0x0 Purpose Enters privileged EXEC mode. The firmware helps to the router over the console port.
Software Guide
Page 146
... file download process; MAC address 00:00:0c:07:ac:01 Cisco Secure Router 520 Series Software Configuration Guide C-4 OL-14210-01 IP_SUBNET_MASK= ip_address IP address of the default gateway of the router. DEFAULT_GATEWAY= ip_address IP address of the file that will be downloaded. Name of the TFTP server from which the TFTP_SERVER= ip_address software will be downloaded to indicate file download progress. There are displayed to TFTP_FILE= filename the router. Disaster Recovery with TFTP Download Appendix C ROM Monitor TFTP Download Command...
... file download process; MAC address 00:00:0c:07:ac:01 Cisco Secure Router 520 Series Software Configuration Guide C-4 OL-14210-01 IP_SUBNET_MASK= ip_address IP address of the default gateway of the router. DEFAULT_GATEWAY= ip_address IP address of the file that will be downloaded. Name of the TFTP server from which the TFTP_SERVER= ip_address software will be downloaded to indicate file download progress. There are displayed to TFTP_FILE= filename the router. Disaster Recovery with TFTP Download Appendix C ROM Monitor TFTP Download Command...
Software Guide
Page 157
... NAT 3-1, 3-2 RIP 1-11 router from PC A-1 static routes 1-10 VLANs 5-1 VPDN group number 3-2 VPNs 6-1, 7-2 WAN interface 1-4 your network, preparing for 1-2 confreg command C-6 connections, setting up 1-2 console download C-7 to C-8 context command C-8 copy running-config startup-config command A-6 copy tftp flash command C-3 corporate network, connecting to 1-2 crypto map, applying to interface 6-8, 7-7 D debug atm commands 12-5 debug atm errors command 12-6 debug atm events command 12-6, 12-7 debug atm packet command 12-7 debug commands, ROM monitor C-8, C-9 default configuration, viewing...
... NAT 3-1, 3-2 RIP 1-11 router from PC A-1 static routes 1-10 VLANs 5-1 VPDN group number 3-2 VPNs 6-1, 7-2 WAN interface 1-4 your network, preparing for 1-2 confreg command C-6 connections, setting up 1-2 console download C-7 to C-8 context command C-8 copy running-config startup-config command A-6 copy tftp flash command C-3 corporate network, connecting to 1-2 crypto map, applying to interface 6-8, 7-7 D debug atm commands 12-5 debug atm errors command 12-6 debug atm events command 12-6, 12-7 debug atm packet command 12-7 debug commands, ROM monitor C-8, C-9 default configuration, viewing...