Software Guide
Page 3
...Interfaces 1-4 Configure WAN Interfaces 1-4 Configure the Fast Ethernet WAN Interface 1-5 Configure the ATM WAN Interface 1-5 Configure the Wireless Interface 1-6 Configuring a Loopback Interface 1-6 Configuration Example 1-7 Verifying Your Configuration 1-7 Configuring Command-Line Access to the Router 1-8 Configuration Example 1-9 Configuring Static Routes 1-10 Configuration Example 1-10 Verifying Your Configuration 1-10 Configuring Dynamic Routes 1-11 Configuring RIP 1-11 Configuration Example 1-12 Verifying Your Configuration 1-12 Cisco Secure Router 520 Series Software Configuration Guide...
...Interfaces 1-4 Configure WAN Interfaces 1-4 Configure the Fast Ethernet WAN Interface 1-5 Configure the ATM WAN Interface 1-5 Configure the Wireless Interface 1-6 Configuring a Loopback Interface 1-6 Configuration Example 1-7 Verifying Your Configuration 1-7 Configuring Command-Line Access to the Router 1-8 Configuration Example 1-9 Configuring Static Routes 1-10 Configuration Example 1-10 Verifying Your Configuration 1-10 Configuring Dynamic Routes 1-11 Configuring RIP 1-11 Configuration Example 1-12 Verifying Your Configuration 1-12 Cisco Secure Router 520 Series Software Configuration Guide...
Software Guide
Page 21
...Configuring Static Routes • Configuring Dynamic Routes Each section includes a configuration example and verification steps, as available. For complete information on the commands used in Appendix A, "Cisco IOS Basic Skills." Note Individual router routers may not support every feature described throughout this guide. For more information on how to the Internet. The Cisco Secure Router 520 Series routers also provide dynamic routing and advanced quality of your Cisco router, including global parameter settings, routing protocols, interfaces, and command-line access using the CLI...
...Configuring Static Routes • Configuring Dynamic Routes Each section includes a configuration example and verification steps, as available. For complete information on the commands used in Appendix A, "Cisco IOS Basic Skills." Note Individual router routers may not support every feature described throughout this guide. For more information on how to the Internet. The Cisco Secure Router 520 Series routers also provide dynamic routing and advanced quality of your Cisco router, including global parameter settings, routing protocols, interfaces, and command-line access using the CLI...
Software Guide
Page 22
... this type of the LAN and WAN interfaces have been created, console and VTY ports are typically virtual path identifier (VPI), virtual circuit identifier (VCI), and traffic shaping parameters. - To view the default configuration, follow these steps: Step 1 Use the default username cisco and the default password cisco to a corporate network, you are setting up , some or all of the following information for Network Address Translation has been assigned. PPP password to connect over an ADSL line: Cisco Secure Router 520 Series Software Configuration Guide...
... this type of the LAN and WAN interfaces have been created, console and VTY ports are typically virtual path identifier (VPI), virtual circuit identifier (VCI), and traffic shaping parameters. - To view the default configuration, follow these steps: Step 1 Use the default username cisco and the default password cisco to a corporate network, you are setting up , some or all of the following information for Network Address Translation has been assigned. PPP password to connect over an ADSL line: Cisco Secure Router 520 Series Software Configuration Guide...
Software Guide
Page 24
...router name or address Login: login id Password: ********* Router> enable Specifies the name for the router. Configure Fast Ethernet LAN Interfaces The Fast Ethernet LAN interfaces on the global parameter commands, see Chapter 5, "Configuring a LAN with individual addresses. Configure WAN Interfaces The Cisco Secure Router 520 Ethernet-to-Ethernet routers have one Fast Ethernet interface for WAN connection. Disables the router from translating unfamiliar words (typos) into IP addresses. For more information about creating VLANs, see the Cisco IOS Release 12.3 documentation set...
...router name or address Login: login id Password: ********* Router> enable Specifies the name for the router. Configure Fast Ethernet LAN Interfaces The Fast Ethernet LAN interfaces on the global parameter commands, see Chapter 5, "Configuring a LAN with individual addresses. Configure WAN Interfaces The Cisco Secure Router 520 Ethernet-to-Ethernet routers have one Fast Ethernet interface for WAN connection. Disables the router from translating unfamiliar words (typos) into IP addresses. For more information about creating VLANs, see the Cisco IOS Release 12.3 documentation set...
Software Guide
Page 28
... type of "show interface" counters never Queuing strategy: fifo Output queue 0/0, 0 drops; This example specifies a console terminal for the console terminal line. Enables password checking at terminal session login. Cisco Secure Router 520 Series Software Configuration Guide 1-8 OL-14210-01 Sending 5, 100-byte ICMP Echos to abort. Success rate is 2 seconds: !!!!! Specifies a unique password for access. Optionally, add seconds to time out. Entering a timeout of 5 minutes and 30 seconds. The default is detected. Sets...
... type of "show interface" counters never Queuing strategy: fifo Output queue 0/0, 0 drops; This example specifies a console terminal for the console terminal line. Enables password checking at terminal session login. Cisco Secure Router 520 Series Software Configuration Guide 1-8 OL-14210-01 Sending 5, 100-byte ICMP Echos to abort. Success rate is 2 seconds: !!!!! Specifies a unique password for access. Optionally, add seconds to time out. Entering a timeout of 5 minutes and 30 seconds. The default is detected. Sets...
Software Guide
Page 29
...end Example: Router(config-line)# end Router# Purpose Exits line configuration mode, and returns to global configuration mode. These commands appear automatically in the configuration file generated when you use the show running-config command. ! Specifies a virtual terminal for the virtual terminal line. Configuration Example The following configuration shows the command-line access commands. Enables password checking at the virtual terminal session login. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 1-9 Specifies a unique password for remote console access...
...end Example: Router(config-line)# end Router# Purpose Exits line configuration mode, and returns to global configuration mode. These commands appear automatically in the configuration file generated when you use the show running-config command. ! Specifies a virtual terminal for the virtual terminal line. Configuration Example The following configuration shows the command-line access commands. Enables password checking at the virtual terminal session login. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 1-9 Specifies a unique password for remote console access...
Software Guide
Page 31
...You can use of directly connected networks. per-user static route o - periodic downloaded static route Gateway of these steps to be applied, using the address of the network of RIP version 1 or 2. candidate default, U - OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 1-11 ODR, P - IS-IS inter area, * - Example: Router(config-router)# version 2 Router(config-router)# Step 3 network ip-address Example: Router(config-router)# network 192.168.1.1 Router(config-router)# network 10.10.7.1 Router(config-router)# Specifies a list of networks on...
...You can use of directly connected networks. per-user static route o - periodic downloaded static route Gateway of these steps to be applied, using the address of the network of RIP version 1 or 2. candidate default, U - OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 1-11 ODR, P - IS-IS inter area, * - Example: Router(config-router)# version 2 Router(config-router)# Step 3 network ip-address Example: Router(config-router)# network 192.168.1.1 Router(config-router)# network 10.10.7.1 Router(config-router)# Specifies a list of networks on...
Software Guide
Page 41
... Guide 3-5 For details about this command and additional parameters that match a standard access list, using global addresses allocated by the dialer interface. Configure Network Address Translation Network Address Translation (NAT) translates packets from the router, or both are then forwarded through the inside interface, packets sourced from addresses that can be set, see the Cisco IOS Dial Technologies Command Reference. Example: Router(config-if)# exit Router(config)# Step 9 dialer-list dialer-group protocol protocol-name {permit | deny | list access-list-number | access...
... Guide 3-5 For details about this command and additional parameters that match a standard access list, using global addresses allocated by the dialer interface. Configure Network Address Translation Network Address Translation (NAT) translates packets from the router, or both are then forwarded through the inside interface, packets sourced from addresses that can be set, see the Cisco IOS Dial Technologies Command Reference. Example: Router(config-if)# exit Router(config)# Step 9 dialer-list dialer-group protocol protocol-name {permit | deny | list access-list-number | access...
Software Guide
Page 58
... enable networks to complete unqualified hostnames (names without a dotted-decimal domain name). Cisco Secure Router 520 Series Software Configuration Guide 5-2 OL-14210-01 In this chapter assume you have not performed these steps to configure your router. Configure DHCP Chapter 5 Configuring a LAN with DHCP and VLANs Note Whenever you change server properties, you must reload the server with NAT. Configure DHCP Perform these configurations tasks, see Chapter 1, "Basic Router Configuration," Chapter 3, "Configuring PPP over Ethernet with NAT," and Chapter 4, "Configuring...
... enable networks to complete unqualified hostnames (names without a dotted-decimal domain name). Cisco Secure Router 520 Series Software Configuration Guide 5-2 OL-14210-01 In this chapter assume you have not performed these steps to configure your router. Configure DHCP Chapter 5 Configuring a LAN with DHCP and VLANs Note Whenever you change server properties, you must reload the server with NAT. Configure DHCP Perform these configurations tasks, see Chapter 1, "Basic Router Configuration," Chapter 3, "Configuring PPP over Ethernet with NAT," and Chapter 4, "Configuring...
Software Guide
Page 81
... {network | exec | commands Specifies AAA authorization of both peers. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 7-5 Chapter 7 Configuring VPNs Using an IPsec Tunnel and Generic Routing Encapsulation Configure a VPN Enable Policy Lookup Perform these steps to enable policy lookup through AAA, beginning in multiple transform sets for a transform that is selected and applied to the protected traffic as a part of all level | reverse-access | configuration} {default | network-related service requests, including PPP, list-name...
... {network | exec | commands Specifies AAA authorization of both peers. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 7-5 Chapter 7 Configuring VPNs Using an IPsec Tunnel and Generic Routing Encapsulation Configure a VPN Enable Policy Lookup Perform these steps to enable policy lookup through AAA, beginning in multiple transform sets for a transform that is selected and applied to the protected traffic as a part of all level | reverse-access | configuration} {default | network-related service requests, including PPP, list-name...
Software Guide
Page 116
...-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Example 12-4 shows a sample output. The no form of the network. For this command disables debugging output. You can find additional information and documentation about the debug commands in your router CPU process, and it can render your router, enter the terminal monitor command. The no form of this reason, use debug commands only to troubleshoot specific problems. The best time...
...-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Example 12-4 shows a sample output. The no form of the network. For this command disables debugging output. You can find additional information and documentation about the debug commands in your router CPU process, and it can render your router, enter the terminal monitor command. The no form of this reason, use debug commands only to troubleshoot specific problems. The best time...
Software Guide
Page 121
... global configuration mode: Router# configure terminal Enter the configure register command and the original configuration register value that you are recovering an enable password, do not perform the steps in the show startup-config If you are recovering an enable secret password, it is not displayed in the following "Reset the Password and Save Your Changes" section. Router(config)# config-reg value OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 12-11 Configuration changes...
... global configuration mode: Router# configure terminal Enter the configure register command and the original configuration register value that you are recovering an enable password, do not perform the steps in the show startup-config If you are recovering an enable secret password, it is not displayed in the following "Reset the Password and Save Your Changes" section. Router(config)# config-reg value OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 12-11 Configuration changes...
Software Guide
Page 125
... Configuring the Router from a PC connected through the console port using . A A P P E N D I X Cisco IOS Software Basic Skills Understanding how to use Cisco IOS software can configure your router from a PC • Understanding Command Modes • Getting Help • Enable Secret Passwords and Enable Passwords • Entering Global Configuration Mode • Using Commands • Saving Configuration Changes • Summary • Where to Go Next If you are already familiar with Windows software), ProComm Plus OL-14210-01 Cisco Secure Router 520 Series Software Configuration...
... Configuring the Router from a PC connected through the console port using . A A P P E N D I X Cisco IOS Software Basic Skills Understanding how to use Cisco IOS software can configure your router from a PC • Understanding Command Modes • Getting Help • Enable Secret Passwords and Enable Passwords • Entering Global Configuration Mode • Using Commands • Saving Configuration Changes • Summary • Where to Go Next If you are already familiar with Windows software), ProComm Plus OL-14210-01 Cisco Secure Router 520 Series Software Configuration...
Software Guide
Page 127
... configuration mode, this table: enter the interface command. • Interface configuration • Router configuration • Line configuration • To exit to your router command. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide A-3 press Ctrl-Z. Prompt Router> Privileged EXEC Enter the enable command from privileged EXEC mode. EXEC mode, enter the end command, or press Ctrl-Z. • To enter subinterface configuration mode, specify a subinterface with a specific interface, such as described in "Enable Secret Passwords and Enable Passwords...
... configuration mode, this table: enter the interface command. • Interface configuration • Router configuration • Line configuration • To exit to your router command. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide A-3 press Ctrl-Z. Prompt Router> Privileged EXEC Enter the enable command from privileged EXEC mode. EXEC mode, enter the end command, or press Ctrl-Z. • To enter subinterface configuration mode, specify a subinterface with a specific interface, such as described in "Enable Secret Passwords and Enable Passwords...
Software Guide
Page 128
... A Cisco IOS Software Basic Skills Table A-2 Command Modes Summary (continued) Mode Router configuration Access Method Prompt Enter one of command variables, enter the command followed by the appropriate keyword, for the terminal line. Router (configrouter)# Line configuration Enter the line command with no space): Router> s? * s=show ? ... access-enable Create a temporary access-list entry access-profile Apply user-profile to privileged EXEC mode, enter the end command, or press Ctrl-Z. You can use . Enable Secret Passwords and Enable Passwords By default, the...
... A Cisco IOS Software Basic Skills Table A-2 Command Modes Summary (continued) Mode Router configuration Access Method Prompt Enter one of command variables, enter the command followed by the appropriate keyword, for the terminal line. Router (configrouter)# Line configuration Enter the line command with no space): Router> s? * s=show ? ... access-enable Create a temporary access-list entry access-profile Apply user-profile to privileged EXEC mode, enter the end command, or press Ctrl-Z. You can use . Enable Secret Passwords and Enable Passwords By default, the...
Software Guide
Page 138
... combines Dynamic Host Configuration Protocol (DHCP) server and relay. DHCP frees you from a central server and to enable all remote hosts to request configuration information from a central site Cisco Secure Router 520 Series Software Configuration Guide B-6 OL-14210-01 The Easy IP (Phase 1) feature combines NAT and PPP/IPCP. The ability of multiple LAN devices to use of hosts that enables devices on an IP network (the DHCP clients) to access the Internet using this single registered IP address. DHCP is known...
... combines Dynamic Host Configuration Protocol (DHCP) server and relay. DHCP frees you from a central server and to enable all remote hosts to request configuration information from a central site Cisco Secure Router 520 Series Software Configuration Guide B-6 OL-14210-01 The Easy IP (Phase 1) feature combines NAT and PPP/IPCP. The ability of multiple LAN devices to use of hosts that enables devices on an IP network (the DHCP clients) to access the Internet using this single registered IP address. DHCP is known...
Software Guide
Page 143
... is powered up or reset. Resets the configuration register. Enter your password if prompted. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide C-1 If there is connected to perform certain configuration tasks, such as recovering a lost password or downloading software over the console port. Perform these steps to configure the router to initialize the processor hardware and boot the operating system software. ROM Monitor C A P P E N D I X The ROM monitor firmware runs when the router is rebooted: Step 1 Command enable...
... is powered up or reset. Resets the configuration register. Enter your password if prompted. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide C-1 If there is connected to perform certain configuration tasks, such as recovering a lost password or downloading software over the console port. Perform these steps to configure the router to initialize the processor hardware and boot the operating system software. ROM Monitor C A P P E N D I X The ROM monitor firmware runs when the router is rebooted: Step 1 Command enable...
Software Guide
Page 146
... example: • Initializing interface. • Interface link state up. • ARPing for 1.4.0.1 • ARP reply for 1.4.0.1 received. MAC address 00:00:0c:07:ac:01 Cisco Secure Router 520 Series Software Configuration Guide C-4 OL-14210-01 There are case sensitive and must be entered exactly as shown. IP_ADDRESS= ip_address Subnet mask of the router. IP_SUBNET_MASK= ip_address IP address of the default gateway of the router. Disaster Recovery with these commands...
... example: • Initializing interface. • Interface link state up. • ARPing for 1.4.0.1 • ARP reply for 1.4.0.1 received. MAC address 00:00:0c:07:ac:01 Cisco Secure Router 520 Series Software Configuration Guide C-4 OL-14210-01 There are case sensitive and must be entered exactly as shown. IP_ADDRESS= ip_address Subnet mask of the router. IP_SUBNET_MASK= ip_address IP address of the default gateway of the router. Disaster Recovery with these commands...
Software Guide
Page 156
... A-4 reset C-3 ROM monitor C-2 to C-3 ROM monitor debugging C-8, C-9 show atm interface 12-5 show dsl interface atm 4-7 IN-2 Cisco Secure Router 520 Series Software Configuration Guide show interface 12-3 stack C-8 sysret C-8 tftpdnld C-3, C-5 undoing A-6 xmodem C-7 command variables listing A-4 TFTP download C-4 committed access rate See CAR configuration changes making A-5 saving 12-11, A-6 configuration examples command-line access 1-9 DHCP server 5-4 dynamic routes 1-12 PPPoA with NAT 4-9 PPPoE with NAT 3-8 simple firewall 8-5 static route 1-10 VPN with IPsec and GRE 7-9 VPN with IPsec...
... A-4 reset C-3 ROM monitor C-2 to C-3 ROM monitor debugging C-8, C-9 show atm interface 12-5 show dsl interface atm 4-7 IN-2 Cisco Secure Router 520 Series Software Configuration Guide show interface 12-3 stack C-8 sysret C-8 tftpdnld C-3, C-5 undoing A-6 xmodem C-7 command variables listing A-4 TFTP download C-4 committed access rate See CAR configuration changes making A-5 saving 12-11, A-6 configuration examples command-line access 1-9 DHCP server 5-4 dynamic routes 1-12 PPPoA with NAT 4-9 PPPoE with NAT 3-8 simple firewall 8-5 static route 1-10 VPN with IPsec and GRE 7-9 VPN with IPsec...
Software Guide
Page 157
... A-1 static routes 1-10 VLANs 5-1 VPDN group number 3-2 VPNs 6-1, 7-2 WAN interface 1-4 your network, preparing for 1-2 confreg command C-6 connections, setting up 1-2 console download C-7 to C-8 context command C-8 copy running-config startup-config command A-6 copy tftp flash command C-3 corporate network, connecting to 1-2 crypto map, applying to interface 6-8, 7-7 D debug atm commands 12-5 debug atm errors command 12-6 debug atm events command 12-6, 12-7 debug atm packet command 12-7 debug commands, ROM monitor C-8, C-9 default configuration, viewing 1-2 DHCP configuring DHCP server 5-2 OL...
... A-1 static routes 1-10 VLANs 5-1 VPDN group number 3-2 VPNs 6-1, 7-2 WAN interface 1-4 your network, preparing for 1-2 confreg command C-6 connections, setting up 1-2 console download C-7 to C-8 context command C-8 copy running-config startup-config command A-6 copy tftp flash command C-3 corporate network, connecting to 1-2 crypto map, applying to interface 6-8, 7-7 D debug atm commands 12-5 debug atm errors command 12-6 debug atm events command 12-6, 12-7 debug atm packet command 12-7 debug commands, ROM monitor C-8, C-9 default configuration, viewing 1-2 DHCP configuring DHCP server 5-2 OL...