Technical data
Table Of Contents
- Preface
- Introduction
- Chapter 1. Advanced Topics
- Chapter 2. Planning For Router Configuration
- Important Terminology
- Collect your Configuration Information
- PPP Link Protocol (over ATM or Frame Relay)
- IP Routing Network Protocol
- IPX Routing Network Protocol
- Bridging Network Protocol
- RFC 1483 / RFC 1490 Link Protocols
- IP Routing Network Protocol
- IPX Routing Network Protocol
- Bridging Network Protocol
- MAC Encapsulated Routing: RFC 1483MER / RFC 1490MER Link Protocols
- IP Routing Network Protocol
- FRF8 Link Protocol
- IP Routing Network Protocol
- Dual Ethernet Router Configuration
- General Information
- Configuring the Dual Ethernet Router as a Bridge
- Configuring the Dual Ethernet Router for IP Routing
- Chapter 3. Configuring Router Software
- Configuration Tables
- Configuring PPP with IP Routing
- Configuring PPP with IPX Routing
- Configuring PPP with Bridging
- Configuring RFC 1483 / RFC 1490 with IP Routing
- Configuring RFC 1483 / RFC 1490 with IPX Routing
- Configuring RFC 1483 / RFC 1490 with Bridging
- Configuring MAC Encapsulated Routing: RFC 1483MER / RFC 1490MER with IP Routing
- Configuring FRF8 with IP Routing
- Configuring Mixed Network Protocols
- Configuring a Dual Ethernet Router for IP Routing
- Verify the Router Configuration
- Sample Configurations
- Sample Configuration 1 — PPP with IP and IPX
- Scenario
- Sample Configuration 1 — Diagram for Target Router (SOHO)
- Sample Configuration 1 — Tables For Target Router (SOHO)
- Sample Configuration 1 - Check the Configuration with the “list” Commands
- Information About Names And Passwords
- Sample Configuration 2 — RFC 1483 with IP and Bridging
- Scenario
- Sample Configuration 2 — Diagram for Target Router SOHO
- Sample Configuration 2 — Tables For Target Router (SOHO)
- Sample Configuration 2 - Check the Configuration with the “list” Commands
- Sample Configuration 3 — Configuring a Dual Ethernet Router for IP Routing
- Scenario
- Configuration Tables
- Chapter 4. Configuring Special Features
- Bridging Filtering and IP Firewall
- IP (RIP) Protocol Controls
- DHCP (Dynamic Host Configuration Protocol)
- General Information
- Manipulating Subnetworks and Explicit Client Leases
- Enabling/disabling a subnetwork or a client lease
- Adding subnetworks and client leases
- Setting the lease time
- Manually changing client leases
- Setting Option Values
- Concepts
- Commands for global option values
- Commands for specific option values for a subnetwork
- Commands for specific option values for a client lease
- Commands for listing and checking option values
- BootP
- About BootP and DHCP
- Enable/Disable BootP
- Use BootP to specify the boot server
- Defining Option Types
- Concepts
- Commands
- Configuring BootP/DHCP Relays
- Other Information
- NAT (Network Address Translation)
- Management Security
- Software Options Keys
- Encryption
- IP Filtering
- L2TP Tunneling - Virtual Dial-Up
- Introduction
- L2TP Concepts
- LNS, L2TP Client, LAC, and Dial User
- L2TP Client Example
- LNS and L2TP Client Relationship
- Tunnels
- Sessions
- Configuration
- Preliminary Steps to Configure a Tunnel
- Verification Steps
- Configuration Commands
- PPP Session Configuration
- Sample Configurations
- Simple L2TP Client Configuration Example
- Complete LNS and L2TP Client Configuration Example
- Configuration Process
- Chapter 5. Command Line Interface Reference
- Command Line Interface Conventions
- System Level Commands
- Router Configuration Commands
- Target Router System Configuration Commands (SYSTEM)
- Target Router Ethernet LAN Bridging and Routing (ETH)
- Remote Router Access Configuration (REMOTE)
- Asymmetric Digital Subscriber Line Commands (ADSL)
- Asynchronous Transfer Mode Commands (ATM)
- Dual Ethernet Router Commands (ETH)
- General information
- High-Speed Digital Subscriber Line Commands (HDSL)
- General information about HDSL
- ISDN Digital Subscriber Line (IDSL)
- General information about IDSL
- Symmetric Digital Subscriber Line Commands (SDSL)
- General information about SDSL
- Dynamic Host Configuration Protocol Commands (DHCP)
- L2TP — Virtual Dial-Up Configuration (L2TP)
- Bridging Filtering Commands (FILTER BR)
- Save Configuration Commands (SAVE)
- Erase Configuration Commands (ERASE)
- File System Commands
- Chapter 6. Managing the Router
- Simple Network Management Protocol (SNMP)
- TELNET Remote Access
- Client TFTP Facility
- TFTP Server
- BootP Server
- Boot Code
- Manual Boot Menu
- Access Manual Boot Mode
- Option 1: Retry Start-up
- Option 2: Boot from FLASH Memory
- Option 3: Boot from Network
- Option 4: Boot from Specific File
- Option 5: Configure Boot System
- Option 6: Set Time and Date
- Option 7: Set Console Baud Rate
- Option 8: Start Extended Diagnostics
- Identifying Fatal Boot Failures
- Software Kernel Upgrades
- Backup and Restore Configuration Files
- FLASH Memory Recovery Procedures
- Recovering Passwords and IP Addresses
- Batch File Command Execution
- Chapter 7. Troubleshooting
- Appendix A. Network Information Worksheets
- Configuring PPP with IP Routing
- Configuring PPP with IPX Routing
- Configuring PPP with Bridging
- Configuring RFC 1483 / RFC 1490 with IP Routing
- Configuring RFC 1483 / RFC 1490 with IPX Routing
- Configuring RFC 1483 / RFC 1490 with Bridging
- Configuring RFC 1483MER / RFC 1490MER with IP Routing
- Configuring FRF8 with IP Routing
- Configuring a Dual Ethernet Router for IP Routing
- Appendix B. Configuring IPX Routing
- Index
96
Sample Configuration
Refer to the section
Sample Configurations,
Chapter 3 of this manual, page 57. The routers SOHO (the target
router) and HQ (the remote router) are configured in the same manner as shown in chapter 3, but the
following encryption commands are added. Don’t forget to save the configuration and reboot the router (
save
and
reboot
commands).
Remember that the transmit key (tx) of SOHO is the receive key (rx) of HQ. Inversely, the receive key of
SOHO is the transmit key of HQ.
Use this sample configuration with the additional encryption commands as a guideline to configure your own
routers.
Enable encryption on the router HQ
Sample:
login admin
remote setEncryption dese rx 1111111111111111 SOHO
remote setEncryption dese tx 2222222222222222 SOHO
save
reboot
Enable encryption for the router SOHO
Sample:
remote setEncryption dese tx 1111111111111111 HQ
login admin
remote setEncryption dese rx 2222222222222222 HQ
save
reboot
Diffie-Hellman Encryption
With Diffie-Hellman encryption, each router has an encryption file that is associated with a public key providing
768-bit security. The predefined keys can be replaced by the user. The key files have a suffix of “num” by
convention (e.g.; dh96.num).
Configuration Notes
Simply add the encryption command to your standard configuration. For Diffie-Hellman, the encryption
command is:
remote setEncryption
DESE_1_KEY|DESE_2_KEY
[
<fileName>
]
|
<
remoteName
>
Observe the following guidelines:
• DESE_1_KEY specifies that the same key is used in both directions and DESE_2_KEY specifies that the
keys are different. Having the same keys in both directions can significantly reduce time needed to
compute the DES keys from the Diffie-Hellman exchange.