Installation Guide
Page 13
... Series Internet Router Installation Guide • Cisco 7600 Series Internet Router Module Installation Guide • Cisco 7600 Series Internet Router Quick Software Configuration Guide • Cisco 7600 Series Internet Router Software Configuration Guide • Cisco 7600 Series Internet Router Command Reference • Cisco 7600 Series Internet Router System Message Guide • Cisco 7600 Series Internet Router IOS Software Configuration Guide • Cisco 7600 Series Internet Router...
... Series Internet Router Installation Guide • Cisco 7600 Series Internet Router Module Installation Guide • Cisco 7600 Series Internet Router Quick Software Configuration Guide • Cisco 7600 Series Internet Router Software Configuration Guide • Cisco 7600 Series Internet Router Command Reference • Cisco 7600 Series Internet Router System Message Guide • Cisco 7600 Series Internet Router IOS Software Configuration Guide • Cisco 7600 Series Internet Router...
Installation Guide
Page 22
... switching, local and remote management, and multiple gigabit uplink interfaces. Cisco 7609 Internet Router Chapter 1 Product Overview Cisco 7609 Internet Router The Cisco 7609 Internet Router chassis has nine vertical slots that are numbered from right to the Cisco 7600 Series Internet Router Software Configuration Guide. Cisco 7609 Internet Router Installation Guide 1-4 OL-5079-04 Slot 2 can act as a backup if the...
... switching, local and remote management, and multiple gigabit uplink interfaces. Cisco 7609 Internet Router Chapter 1 Product Overview Cisco 7609 Internet Router The Cisco 7609 Internet Router chassis has nine vertical slots that are numbered from right to the Cisco 7600 Series Internet Router Software Configuration Guide. Cisco 7609 Internet Router Installation Guide 1-4 OL-5079-04 Slot 2 can act as a backup if the...
Installation Guide
Page 24
... scalable up to 256 Gbps when using the Switch Fabric Module (WS-C6500-SFM) • Up to the Cisco 7600 Series Internet Router Software Configuration Guide. For software descriptions, refer to eight additional OSMs or Catalyst 6000 family modules • Hot-swappable fan assembly and... modules • Redundant AC-input or DC-input power supplies System Features This section describes the hardware features for the Cisco 7609 Internet...
... scalable up to 256 Gbps when using the Switch Fabric Module (WS-C6500-SFM) • Up to the Cisco 7600 Series Internet Router Software Configuration Guide. For software descriptions, refer to eight additional OSMs or Catalyst 6000 family modules • Hot-swappable fan assembly and... modules • Redundant AC-input or DC-input power supplies System Features This section describes the hardware features for the Cisco 7609 Internet...
Installation Guide
Page 26
.... Sensors on environmental monitoring. If the air temperature exceeds a preset threshold, the environmental monitor displays warning messages. Cisco 7609 Internet Router Installation Guide 1-8 OL-5079-04 To replace port adapters, you have a redundant supervisor engine) and fans. Figure 1-2 shows.... Cisco 7600 Internet Router Components Chapter 1 Product Overview Component Hot Swapping You can add, replace, or remove modules without interrupting the system power or causing other software or interfaces to the Cisco 7600 Series Internet Router Software Configuration Guide for...
.... Sensors on environmental monitoring. If the air temperature exceeds a preset threshold, the environmental monitor displays warning messages. Cisco 7609 Internet Router Installation Guide 1-8 OL-5079-04 To replace port adapters, you have a redundant supervisor engine) and fans. Figure 1-2 shows.... Cisco 7600 Internet Router Components Chapter 1 Product Overview Component Hot Swapping You can add, replace, or remove modules without interrupting the system power or causing other software or interfaces to the Cisco 7600 Series Internet Router Software Configuration Guide for...
Installation Guide
Page 29
Note For proper load-sharing operation in a redundant power supply configuration, you must install two modules in the chassis. OL-5079-04 Cisco 7609 Internet Router Installation Guide 1-11 If one power supply fails, the second power supply immediately assumes full power to install two modules, you might receive spurious OUTPUT FAIL indications ...
Note For proper load-sharing operation in a redundant power supply configuration, you must install two modules in the chassis. OL-5079-04 Cisco 7609 Internet Router Installation Guide 1-11 If one power supply fails, the second power supply immediately assumes full power to install two modules, you might receive spurious OUTPUT FAIL indications ...
Installation Guide
Page 30
... or more of the DC-output voltages of the power supply 1-12 Cisco 7609 Internet Router Installation Guide OL-5079-04 When the power supply returns to the Cisco 7600 Series Internet Router Software Configuration Guide. The power supplies monitor their own internal temperature and voltages. The power...) • Off when the input voltage falls below -33 VDC or if the power supply shuts down to prevent damage. Cisco 7600 Internet Router Components Chapter 1 Product Overview Environmental Monitoring of the Power Supply The environmental monitoring and reporting functions allow you to...
... or more of the DC-output voltages of the power supply 1-12 Cisco 7609 Internet Router Installation Guide OL-5079-04 When the power supply returns to the Cisco 7600 Series Internet Router Software Configuration Guide. The power supplies monitor their own internal temperature and voltages. The power...) • Off when the input voltage falls below -33 VDC or if the power supply shuts down to prevent damage. Cisco 7600 Internet Router Components Chapter 1 Product Overview Environmental Monitoring of the Power Supply The environmental monitoring and reporting functions allow you to...
Installation Guide
Page 68
...Cisco 7600 Series Internet Router Software Configuration Guide, the Cisco 7600 Series Internet Router IOS Software Configuration Guide, the Cisco 7600 Series Internet Router Command Reference, or the Cisco 7600 Series Internet Router IOS Command Reference publications to the Cisco 7600 Series Internet Router Module Installation Guide...consists of troubleshooting. You should see the FAN LED turn green and should be doing. If the FAN Cisco 7609 Internet Router Installation Guide 4-2 OL-5079-04 Getting Started When the initial system boot is complete, verify the following subsystems: &#...
...Cisco 7600 Series Internet Router Software Configuration Guide, the Cisco 7600 Series Internet Router IOS Software Configuration Guide, the Cisco 7600 Series Internet Router Command Reference, or the Cisco 7600 Series Internet Router IOS Command Reference publications to the Cisco 7600 Series Internet Router Module Installation Guide...consists of troubleshooting. You should see the FAN LED turn green and should be doing. If the FAN Cisco 7609 Internet Router Installation Guide 4-2 OL-5079-04 Getting Started When the initial system boot is complete, verify the following subsystems: &#...
Installation Guide
Page 69
... checking the LEDs, you have a redundant supervisor engine, refer to the Cisco 7600 Series Internet Router Software Configuration Guide or the Cisco 7600 Series Internet Router IOS Software Configuration Guide publications for descriptions of how the redundant supervisor engine comes online and how ... Identifying Startup Problems LEDs indicate all system states in the fan assembly is not operating. OL-5079-04 Cisco 7609 Internet Router Installation Guide 4-3 Perform these steps to operate. Chapter 4 Troubleshooting Identifying Startup Problems LED is red, this indicates that...
... checking the LEDs, you have a redundant supervisor engine, refer to the Cisco 7600 Series Internet Router Software Configuration Guide or the Cisco 7600 Series Internet Router IOS Software Configuration Guide publications for descriptions of how the redundant supervisor engine comes online and how ... Identifying Startup Problems LEDs indicate all system states in the fan assembly is not operating. OL-5079-04 Cisco 7609 Internet Router Installation Guide 4-3 Perform these steps to operate. Chapter 4 Troubleshooting Identifying Startup Problems LED is red, this indicates that...
Installation Guide
Page 70
...front panel are receiving power, have a redundant supervisor engine, refer to the Cisco 7600 Series Internet Router Software Configuration Guide or the Cisco 7600 Series Internet Router IOS Software Configuration Guide publications for descriptions of the supervisor engine LEDs, refer to start up, this ... 4-6. Identifying Startup Problems Chapter 4 Troubleshooting Step 2 Step 3 Step 4 Check that the LEDs on the switching modules. Cisco 7609 Internet Router Installation Guide 4-4 OL-5079-04 If one or more environmental monitor reports a problem, the SYSTEM LED is orange or red. ...
...front panel are receiving power, have a redundant supervisor engine, refer to the Cisco 7600 Series Internet Router Software Configuration Guide or the Cisco 7600 Series Internet Router IOS Software Configuration Guide publications for descriptions of the supervisor engine LEDs, refer to start up, this ... 4-6. Identifying Startup Problems Chapter 4 Troubleshooting Step 2 Step 3 Step 4 Check that the LEDs on the switching modules. Cisco 7609 Internet Router Installation Guide 4-4 OL-5079-04 If one or more environmental monitor reports a problem, the SYSTEM LED is orange or red. ...
Installation Guide
Page 73
Contacting Customer Service If you have already taken to isolate and resolve the problem OL-5079-04 Cisco 7609 Internet Router Installation Guide 4-7 Chapter 4 Troubleshooting Contacting Customer Service If the status LED on a switching module is orange, the ...of the steps you are unable to configure or enable the interfaces. Refer to the Cisco 7600 Series Internet Router Software Configuration Guide, the Cisco 7600 Series Internet Router IOS Software Configuration Guide, the Cisco 7600 Series Internet Router Command Reference or the Cisco 7600 Series Internet Router IOS Command ...
Contacting Customer Service If you have already taken to isolate and resolve the problem OL-5079-04 Cisco 7609 Internet Router Installation Guide 4-7 Chapter 4 Troubleshooting Contacting Customer Service If the status LED on a switching module is orange, the ...of the steps you are unable to configure or enable the interfaces. Refer to the Cisco 7600 Series Internet Router Software Configuration Guide, the Cisco 7600 Series Internet Router IOS Software Configuration Guide, the Cisco 7600 Series Internet Router Command Reference or the Cisco 7600 Series Internet Router IOS Command ...
Configuration Guide
Page 1
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide Using the CLI Release 4.1 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 Customer Order Number: N/A, Online only Text Part Number: OL-20748-01
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide Using the CLI Release 4.1 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 Customer Order Number: N/A, Online only Text Part Number: OL-20748-01
Configuration Guide
Page 2
...Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM Copyright © 2010 Cisco Systems, ...Inc. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. All rights reserved. CCDE, CCENT, CCSI, Cisco Eos, Cisco Explorer, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Nurse Connect, Cisco Pulse, Cisco SensorBase, Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco...
...Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM Copyright © 2010 Cisco Systems, ...Inc. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. All rights reserved. CCDE, CCENT, CCSI, Cisco Eos, Cisco Explorer, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Nurse Connect, Cisco Pulse, Cisco SensorBase, Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco...
Configuration Guide
Page 3
... 1-7 Stateful Inspection Overview 1-8 Security Context Overview 1-9 Configuring the Switch for the Firewall Services Module 2-1 Switch Overview 2-1 Verifying the Module Installation 2-2 Assigning VLANs to the Firewall Services Module 2-2 VLAN Guidelines 2-3 Assigning VLANs to the FWSM 2-3 OL-20748-01 Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM iii
... 1-7 Stateful Inspection Overview 1-8 Security Context Overview 1-9 Configuring the Switch for the Firewall Services Module 2-1 Switch Overview 2-1 Verifying the Module Installation 2-2 Assigning VLANs to the Firewall Services Module 2-2 VLAN Guidelines 2-3 Assigning VLANs to the FWSM 2-3 OL-20748-01 Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM iii
Configuration Guide
Page 4
... and Removing Configuration Settings 3-5 Creating Text Configuration Files Offline 3-6 4 C H A P T E R Configuring Security Contexts 4-1 Security Context Overview 4-1 Common Uses for Security Contexts 4-2 Unsupported Features 4-2 Context Configuration Files 4-2 Context Configurations 4-2 System Configuration 4-2 Admin Context Configuration 4-3 How the FWSM Classifies Packets 4-3 Valid Classifier Criteria 4-3 Invalid Classifier Criteria 4-4 Classification Examples 4-5 Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using...
... and Removing Configuration Settings 3-5 Creating Text Configuration Files Offline 3-6 4 C H A P T E R Configuring Security Contexts 4-1 Security Context Overview 4-1 Common Uses for Security Contexts 4-2 Unsupported Features 4-2 Context Configuration Files 4-2 Context Configurations 4-2 System Configuration 4-2 Admin Context Configuration 4-3 How the FWSM Classifies Packets 4-3 Valid Classifier Criteria 4-3 Invalid Classifier Criteria 4-4 Classification Examples 4-5 Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using...
Configuration Guide
Page 5
...Access 4-9 Context Administrator Access 4-10 Enabling or Disabling Multiple Context Mode 4-10 Backing Up the Single Mode Configuration 4-10 Enabling Multiple Context Mode 4-10 Restoring Single Context Mode 4-11 Managing Memory for Rules 4-11 ...Configuration 4-34 Reloading by Removing and Readding the Context 4-35 Monitoring Security Contexts 4-35 Viewing Context Information 4-35 Viewing Resource Allocation 4-36 Viewing Resource Usage 4-39 Monitoring SYN Attacks in Contexts 4-40 OL-20748-01 Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide...
...Access 4-9 Context Administrator Access 4-10 Enabling or Disabling Multiple Context Mode 4-10 Backing Up the Single Mode Configuration 4-10 Enabling Multiple Context Mode 4-10 Restoring Single Context Mode 4-11 Managing Memory for Rules 4-11 ...Configuration 4-34 Reloading by Removing and Readding the Context 4-35 Monitoring Security Contexts 4-35 Viewing Context Information 4-35 Viewing Resource Allocation 4-36 Viewing Resource Usage 4-39 Monitoring SYN Attacks in Contexts 4-40 OL-20748-01 Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide...
Configuration Guide
Page 6
...Host 5-16 Setting Transparent or Routed Firewall Mode 5-17 6 C H A P T E R Configuring Interface Parameters 6-1 Security Level Overview 6-1 Configuring Interfaces for Routed Firewall Mode 6-2 Guidelines and Limitations 6-2 Configuring an Interface 6-3 Configuring Interfaces for Transparent Firewall Mode 6-4 Information About Interfaces in Transparent Mode 6-4 Information About Bridge Groups ...to Access an Inside Host 5-5 A DMZ User Attempts to a Bridge Group 6-6 Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM vi OL-20748-01
...Host 5-16 Setting Transparent or Routed Firewall Mode 5-17 6 C H A P T E R Configuring Interface Parameters 6-1 Security Level Overview 6-1 Configuring Interfaces for Routed Firewall Mode 6-2 Guidelines and Limitations 6-2 Configuring an Interface 6-3 Configuring Interfaces for Transparent Firewall Mode 6-4 Information About Interfaces in Transparent Mode 6-4 Information About Bridge Groups ...to Access an Inside Host 5-5 A DMZ User Attempts to a Bridge Group 6-6 Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM vi OL-20748-01
Configuration Guide
Page 7
... the Same Security Level 6-10 Configuring Inter-Interface Communication 6-10 Configuring Intra-Interface Communication 6-11 Turning Off and Turning On Interfaces 6-12 Configuring Basic Settings 7-1 Changing the Passwords...Configuring OSPF 8-9 OSPF Overview 8-9 Enabling OSPF 8-10 Redistributing Routes Between OSPF Processes 8-11 Configuring OSPF Interface Parameters 8-12 Configuring OSPF Area Parameters 8-14 Configuring OSPF NSSA 8-15 Configuring a Point-To-Point, Non-Broadcast OSPF Neighbor 8-16 Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide...
... the Same Security Level 6-10 Configuring Inter-Interface Communication 6-10 Configuring Intra-Interface Communication 6-11 Turning Off and Turning On Interfaces 6-12 Configuring Basic Settings 7-1 Changing the Passwords...Configuring OSPF 8-9 OSPF Overview 8-9 Enabling OSPF 8-10 Redistributing Routes Between OSPF Processes 8-11 Configuring OSPF Interface Parameters 8-12 Configuring OSPF Area Parameters 8-14 Configuring OSPF NSSA 8-15 Configuring a Point-To-Point, Non-Broadcast OSPF Neighbor 8-16 Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide...
Configuration Guide
Page 8
... Guidelines 8-33 Enabling RHI 8-33 Configuring DHCP 8-35 Configuring a DHCP Server 8-35 Enabling the DHCP Server 8-35 Configuring DHCP Options 8-37 Using Cisco IP Phones with a DHCP Server 8-38 Configuring DHCP Relay Services 8-39 DHCP Relay Overview 8-39 Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM viii OL-20748-01
... Guidelines 8-33 Enabling RHI 8-33 Configuring DHCP 8-35 Configuring a DHCP Server 8-35 Enabling the DHCP Server 8-35 Configuring DHCP Options 8-37 Using Cisco IP Phones with a DHCP Server 8-38 Configuring DHCP Relay Services 8-39 DHCP Relay Overview 8-39 Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM viii OL-20748-01
Configuration Guide
Page 9
... 10-4 Configuring IPv6 Default and Static Routes 10-5 Configuring IPv6 Access Lists 10-5 Configuring IPv6 Neighbor Discovery 10-6 Configuring Neighbor Solicitation Messages 10-6 Configuring the Neighbor Solicitation Message Interval 10-7 Configuring the Neighbor Reachable Time 10-7 Configuring Router Advertisement Messages 10-8 OL-20748-01 Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM...
... 10-4 Configuring IPv6 Default and Static Routes 10-5 Configuring IPv6 Access Lists 10-5 Configuring IPv6 Neighbor Discovery 10-6 Configuring Neighbor Solicitation Messages 10-6 Configuring the Neighbor Solicitation Message Interval 10-7 Configuring the Neighbor Reachable Time 10-7 Configuring Router Advertisement Messages 10-8 OL-20748-01 Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM...
Configuration Guide
Page 10
...-10 Viewing IPv6 Interface Settings 10-10 Viewing IPv6 Routes 10-11 11 C H A P T E R Configuring AAA Servers and the Local Database 11-1 AAA Overview 11-1 About Authentication 11-2 About Authorization 11-2 About Accounting 11...Support 11-6 Configuring the Local Database 11-7 Identifying AAA Server Groups and Servers 11-9 12 C H A P T E R Configuring Certificates 12-1 Public Key Cryptography 12-1 About Public Key Cryptography 12-1 Certificate Scalability 12-2 About Key Pairs 12-2 Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM ...
...-10 Viewing IPv6 Interface Settings 10-10 Viewing IPv6 Routes 10-11 11 C H A P T E R Configuring AAA Servers and the Local Database 11-1 AAA Overview 11-1 About Authentication 11-2 About Authorization 11-2 About Accounting 11...Support 11-6 Configuring the Local Database 11-7 Identifying AAA Server Groups and Servers 11-9 12 C H A P T E R Configuring Certificates 12-1 Public Key Cryptography 12-1 About Public Key Cryptography 12-1 Certificate Scalability 12-2 About Key Pairs 12-2 Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM ...
