Software Guide
Page 1
Cisco Secure Router 520 Series Software Configuration Guide Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 Customer Order Number: Text Part Number: OL-14210-01
Cisco Secure Router 520 Series Software Configuration Guide Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 Customer Order Number: Text Part Number: OL-14210-01
Software Guide
Page 3
...Obtaining Documentation and Submitting a Service Request xvii Getting Started Basic Router Configuration 1-1 Viewing the Default Configuration 1-2 Information Needed for Customizing the Default Parameters 1-2 Interface Port Labels 1-3 Configuring Basic Parameters 1-3 Configure Global... Access to the Router 1-8 Configuration Example 1-9 Configuring Static Routes 1-10 Configuration Example 1-10 Verifying Your Configuration 1-10 Configuring Dynamic Routes 1-11 Configuring RIP 1-11 Configuration Example 1-12 Verifying Your Configuration 1-12 Cisco Secure Router 520 Series Software Configuration ...
...Obtaining Documentation and Submitting a Service Request xvii Getting Started Basic Router Configuration 1-1 Viewing the Default Configuration 1-2 Information Needed for Customizing the Default Parameters 1-2 Interface Port Labels 1-3 Configuring Basic Parameters 1-3 Configure Global... Access to the Router 1-8 Configuration Example 1-9 Configuring Static Routes 1-10 Configuration Example 1-10 Verifying Your Configuration 1-10 Configuring Dynamic Routes 1-11 Configuring RIP 1-11 Configuration Example 1-12 Verifying Your Configuration 1-12 Cisco Secure Router 520 Series Software Configuration ...
Software Guide
Page 4
Contents 2 P A R T Configuring Your Router for Ethernet and DSL Access 2 C H A P T E R Sample Network Deployments 2-1 3 C H A P T E R Configuring PPP over Ethernet with NAT 3-1 Configure the Virtual Private Dialup Network Group Number 3-2 Configure the Fast ... Group Policy Information 6-4 Apply Mode Configuration to the Crypto Map 6-5 Enable Policy Lookup 6-6 Configure IPsec Transforms and Protocols 6-6 Configure the IPsec Crypto Method and Parameters 6-7 Cisco Secure Router 520 Series Software Configuration Guide iv OL-14210-01
Contents 2 P A R T Configuring Your Router for Ethernet and DSL Access 2 C H A P T E R Sample Network Deployments 2-1 3 C H A P T E R Configuring PPP over Ethernet with NAT 3-1 Configure the Virtual Private Dialup Network Group Number 3-2 Configure the Fast ... Group Policy Information 6-4 Apply Mode Configuration to the Crypto Map 6-5 Enable Policy Lookup 6-6 Configure IPsec Transforms and Protocols 6-6 Configure the IPsec Crypto Method and Parameters 6-7 Cisco Secure Router 520 Series Software Configuration Guide iv OL-14210-01
Software Guide
Page 5
... 9-1 Configure the Root Radio Station 9-2 Configure Bridging on VLANs 9-4 Configure Radio Station Subinterfaces 9-5 Configuration Example 9-6 Configuring Additional Features and Troubleshooting Additional Configuration Options 10-1 Configuring Security Features 11-1 Authentication, Authorization, and Accounting 11-1 Configuring AutoSecure 11-2 Configuring Access Lists 11-2 Access Groups 11-3 Cisco Secure Router 520 Series Software Configuration Guide v
... 9-1 Configure the Root Radio Station 9-2 Configure Bridging on VLANs 9-4 Configure Radio Station Subinterfaces 9-5 Configuration Example 9-6 Configuring Additional Features and Troubleshooting Additional Configuration Options 10-1 Configuring Security Features 11-1 Authentication, Authorization, and Accounting 11-1 Configuring AutoSecure 11-2 Configuring Access Lists 11-2 Access Groups 11-3 Cisco Secure Router 520 Series Software Configuration Guide v
Software Guide
Page 6
... Creating Access Groups 11-3 Configuring a CBAC Firewall 11-3 Configuring Cisco IOS Firewall IDS 11-4 Configuring VPNs 11-4 Troubleshooting 12-1 Getting Started 12-1 Before Contacting Cisco or Your Reseller 12-1 ADSL Troubleshooting 12-2 ATM Troubleshooting Commands ...Cisco IOS Software Basic Skills A-1 Configuring the Router from a PC A-1 Understanding Command Modes A-2 Getting Help A-4 Enable Secret Passwords and Enable Passwords A-4 Entering Global Configuration Mode A-5 Using Commands A-5 Abbreviating Commands A-6 Undoing Commands A-6 Command-Line Error Messages A-6 Cisco Secure Router 520...
... Creating Access Groups 11-3 Configuring a CBAC Firewall 11-3 Configuring Cisco IOS Firewall IDS 11-4 Configuring VPNs 11-4 Troubleshooting 12-1 Getting Started 12-1 Before Contacting Cisco or Your Reseller 12-1 ADSL Troubleshooting 12-2 ATM Troubleshooting Commands ...Cisco IOS Software Basic Skills A-1 Configuring the Router from a PC A-1 Understanding Command Modes A-2 Getting Help A-4 Enable Secret Passwords and Enable Passwords A-4 Entering Global Configuration Mode A-5 Using Commands A-5 Abbreviating Commands A-6 Undoing Commands A-6 Command-Line Error Messages A-6 Cisco Secure Router 520...
Software Guide
Page 7
... Queuing B-8 Access Lists B-9 ROM Monitor C-1 Entering the ROM Monitor C-1 ROM Monitor Commands C-2 Command Descriptions C-3 Disaster Recovery with TFTP Download C-3 TFTP Download Command Variables C-4 Required Variables C-4 Cisco Secure Router 520 Series Software Configuration Guide vii
... Queuing B-8 Access Lists B-9 ROM Monitor C-1 Entering the ROM Monitor C-1 ROM Monitor Commands C-2 Command Descriptions C-3 Disaster Recovery with TFTP Download C-3 TFTP Download Command Variables C-4 Required Variables C-4 Cisco Secure Router 520 Series Software Configuration Guide vii
Software Guide
Page 8
Contents D A P P E N D I X INDEX Optional Variables C-4 Using the TFTP Download Command C-5 Configuration Register C-5 Changing the Configuration Register Manually C-6 Changing the Configuration Register Using Prompts C-6 Console Download C-7 Command Description C-7 Error Reporting C-8 Debug Commands C-8 Exiting the ROM Monitor C-9 Common Port Assignments D-1 Cisco Secure Router 520 Series Software Configuration Guide viii OL-14210-01
Contents D A P P E N D I X INDEX Optional Variables C-4 Using the TFTP Download Command C-5 Configuration Register C-5 Changing the Configuration Register Manually C-6 Changing the Configuration Register Using Prompts C-6 Console Download C-7 Command Description C-7 Error Reporting C-8 Debug Commands C-8 Exiting the ROM Monitor C-9 Common Port Assignments D-1 Cisco Secure Router 520 Series Software Configuration Guide viii OL-14210-01
Software Guide
Page 9
OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide ix Audience This guide is intended for network administrators whose backgrounds vary from having a high level of this guide, and describes related documents that was shipped with your router. Preface This preface describes the objectives, audience, organization, and... This guide provides an overview and explains how to having little or no experience in the Readme First for Cisco Secure Router 520 Series document that have additional information. For warranty, service, and support information, see the...
OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide ix Audience This guide is intended for network administrators whose backgrounds vary from having a high level of this guide, and describes related documents that was shipped with your router. Preface This preface describes the objectives, audience, organization, and... This guide provides an overview and explains how to having little or no experience in the Readme First for Cisco Secure Router 520 Series document that have additional information. For warranty, service, and support information, see the...
Software Guide
Page 10
... Using an IPsec Provides instructions on your Cisco router. Chapter 11, "Configuring Security Features" Explains basic configuration of features. Part 4: Reference Information Appendix A, "Cisco IOS Software Basic Skills" Explains what you need to know about Cisco IOS software before you begin to configure a wireless LAN connection on your Cisco router. Cisco Secure Router 520 Series Software Configuration Guide x OL-14210-01...
... Using an IPsec Provides instructions on your Cisco router. Chapter 11, "Configuring Security Features" Explains basic configuration of features. Part 4: Reference Information Appendix A, "Cisco IOS Software Basic Skills" Explains what you need to know about Cisco IOS software before you begin to configure a wireless LAN connection on your Cisco router. Cisco Secure Router 520 Series Software Configuration Guide x OL-14210-01...
Software Guide
Page 11
... this situation, you work on any equipment, be aware of data. Tilanne voi aiheuttaa ruumiillisia vammoja. SÄILYTÄ NÄMÄ OHJEET OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide xi BEWAAR DEZE INSTRUCTIES Varoitus TÄRKEITÄ TURVALLISUUSOHJEITA Tämä varoitusmerkki merkitsee vaaraa. Ennen kuin käsittelet laitteistoa, huomioi sä...
... this situation, you work on any equipment, be aware of data. Tilanne voi aiheuttaa ruumiillisia vammoja. SÄILYTÄ NÄMÄ OHJEET OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide xi BEWAAR DEZE INSTRUCTIES Varoitus TÄRKEITÄ TURVALLISUUSOHJEITA Tämä varoitusmerkki merkitsee vaaraa. Ennen kuin käsittelet laitteistoa, huomioi sä...
Software Guide
Page 16
... Readme First for Cisco Secure Router 500 Series http://www.cisco.com/en/US/docs/routers/access/500/520/rcsi/500_rcsi.html Cisco Secure Router 520 Series Software Configuration Guide xvi OL-14210-01 Preface Related Documentation The Cisco Secure Router 520 Series product is available on Cisco.com: • Cisco Secure Router 520 Series Hardware Installation Guide http://www.cisco.com/en/US/docs/routers/access/500/520/hardware/installation/guide...
... Readme First for Cisco Secure Router 500 Series http://www.cisco.com/en/US/docs/routers/access/500/520/rcsi/500_rcsi.html Cisco Secure Router 520 Series Software Configuration Guide xvi OL-14210-01 Preface Related Documentation The Cisco Secure Router 520 Series product is available on Cisco.com: • Cisco Secure Router 520 Series Hardware Installation Guide http://www.cisco.com/en/US/docs/routers/access/500/520/hardware/installation/guide...
Software Guide
Page 17
... a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html Subscribe to the What's New in... Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0. OL-14210-01 Cisco Secure Router 520 Series Software Configuration...
... a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html Subscribe to the What's New in... Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0. OL-14210-01 Cisco Secure Router 520 Series Software Configuration...
Software Guide
Page 21
... the Cisco Configuration Assistant, Cisco Smart Assist, Cisco Monitor Manager, and Cisco Monitor Director. This chapter provides procedures for small businesses with up to 50 users and teleworkers who want secure connectivity to corporate LANs and to access global configuration mode, see the Cisco IOS Release 12.3 documentation set. As part of the SBCS portfolio, the Cisco Secure Router 520 Series routers deliver...
... the Cisco Configuration Assistant, Cisco Smart Assist, Cisco Monitor Manager, and Cisco Monitor Director. This chapter provides procedures for small businesses with up to 50 users and teleworkers who want secure connectivity to corporate LANs and to access global configuration mode, see the Cisco IOS Release 12.3 documentation set. As part of the SBCS portfolio, the Cisco Secure Router 520 Series routers deliver...
Software Guide
Page 22
... path identifier (VPI), virtual circuit identifier (VCI), and traffic shaping parameters. - Step 2 Use the show running-config command to access the router - DNS server IP address and default gateways • If you are setting up a connection to a corporate network, you are setting up IP...you, along with a static IP address. PPP client name to view the initial configuration. PPP password to connect over an ADSL line: Cisco Secure Router 520 Series Software Configuration Guide 1-2 OL-14210-01 For bridged RFC 1483, you may obtain a static IP address from your network. •...
... path identifier (VPI), virtual circuit identifier (VCI), and traffic shaping parameters. - Step 2 Use the show running-config command to access the router - DNS server IP address and default gateways • If you are setting up a connection to a corporate network, you are setting up IP...you, along with a static IP address. PPP client name to view the initial configuration. PPP password to connect over an ADSL line: Cisco Secure Router 520 Series Software Configuration Guide 1-2 OL-14210-01 For bridged RFC 1483, you may obtain a static IP address from your network. •...
Software Guide
Page 23
...the Router A configuration example is DMT (also called ANSI T1.413) or DMT Issue 2. Ensure that task. Table 1-1 Supported Interfaces and Associated Port Labels by Router Router Cisco Secure Router 520 Ethernet-to-Ethernet routers Cisco Secure Router 520 ADSL-over-POTS routers Cisco Secure Router 520 ADSL-over-ISDN routers ...the "Configuring Basic Parameters" section. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 1-3 Order the appropriate line from your router, beginning with each router and their associated port labels on your public telephone service ...
...the Router A configuration example is DMT (also called ANSI T1.413) or DMT Issue 2. Ensure that task. Table 1-1 Supported Interfaces and Associated Port Labels by Router Router Cisco Secure Router 520 Ethernet-to-Ethernet routers Cisco Secure Router 520 ADSL-over-POTS routers Cisco Secure Router 520 ADSL-over-ISDN routers ...the "Configuring Basic Parameters" section. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 1-3 Order the appropriate line from your router, beginning with each router and their associated port labels on your public telephone service ...
Software Guide
Page 24
... interfaces on the global parameter commands, see Chapter 5, "Configuring a LAN with individual addresses. The Cisco Secure Router 520 ADSL-over-POTS and Cisco Secure Router 520 ADSL-over-ISDN routers have one ATM interface for WAN connection. Cisco Secure Router 520 Series Software Configuration Guide 1-4 OL-14210-01 Disables the router from translating unfamiliar words (typos) into IP addresses. Configuring Basic Parameters Chapter 1 Basic...
... interfaces on the global parameter commands, see Chapter 5, "Configuring a LAN with individual addresses. The Cisco Secure Router 520 ADSL-over-POTS and Cisco Secure Router 520 ADSL-over-ISDN routers have one ATM interface for WAN connection. Cisco Secure Router 520 Series Software Configuration Guide 1-4 OL-14210-01 Disables the router from translating unfamiliar words (typos) into IP addresses. Configuring Basic Parameters Chapter 1 Basic...
Software Guide
Page 25
... This procedure applies only to the Cisco Secure Router 520 Ethernet-to administratively up. Exits configuration mode for the Fast Ethernet interface and returns to the Cisco Secure Router 520 ADSL-over-POTS and Cisco Secure Router 520 ADSL-over-ISDN routers. Configure the ATM WAN Interface This procedure applies only to global configuration mode. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 1-5 Perform...
... This procedure applies only to the Cisco Secure Router 520 Ethernet-to administratively up. Exits configuration mode for the Fast Ethernet interface and returns to the Cisco Secure Router 520 ADSL-over-POTS and Cisco Secure Router 520 ADSL-over-ISDN routers. Configure the ATM WAN Interface This procedure applies only to global configuration mode. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 1-5 Perform...
Software Guide
Page 26
....200.100.1 255.255.255.0 Router(config-if)# Sets the IP address and subnet mask for the ATM interface and returns to the router through a wireless LAN connection. Cisco Secure Router 520 Series Software Configuration Guide 1-6 OL-14210-01 Step 3 no shutdown Router(config-if)# Step 4 exit Example: Router(config-if)# exit Router(config)# Exits configuration mode for the...
....200.100.1 255.255.255.0 Router(config-if)# Sets the IP address and subnet mask for the ATM interface and returns to the router through a wireless LAN connection. Cisco Secure Router 520 Series Software Configuration Guide 1-6 OL-14210-01 Step 3 no shutdown Router(config-if)# Step 4 exit Example: Router(config-if)# exit Router(config)# Exits configuration mode for the...
Software Guide
Page 27
...-template interface. The loopback interface points back to virtual-template1, which acts as a static IP address. Chapter 1 Basic Router Configuration Configuring Basic Parameters Perform these steps to configure a loopback interface, beginning in this sample configuration is 200.200.100.1/24..., txload 1/255, rxload 1/255 Encapsulation LOOPBACK, loopback not set Last input never, output never, output hang never OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 1-7 interface loopback 0 ip address 200.200.100.1 255.255.255.0 (static IP address) ip nat outside...
...-template interface. The loopback interface points back to virtual-template1, which acts as a static IP address. Chapter 1 Basic Router Configuration Configuring Basic Parameters Perform these steps to configure a loopback interface, beginning in this sample configuration is 200.200.100.1/24..., txload 1/255, rxload 1/255 Encapsulation LOOPBACK, loopback not set Last input never, output never, output hang never OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 1-7 interface loopback 0 ip address 200.200.100.1 255.255.255.0 (static IP address) ip nat outside...
Software Guide
Page 28
This example specifies a console terminal for the console terminal line. Entering a timeout of 5 minutes and 30 seconds. Cisco Secure Router 520 Series Software Configuration Guide 1-8 OL-14210-01 Optionally, add seconds to abort. Sending 5, 100-byte ICMP Echos to 200.200.100.1, timeout is detected. Enables ...
This example specifies a console terminal for the console terminal line. Entering a timeout of 5 minutes and 30 seconds. Cisco Secure Router 520 Series Software Configuration Guide 1-8 OL-14210-01 Optionally, add seconds to abort. Sending 5, 100-byte ICMP Echos to 200.200.100.1, timeout is detected. Enables ...