Cisco Reader Comment Card General Information 1 2 3 4 5 6 7 8 Years of networking experience: Years of experience with Cisco products: I have these network types: LAN Backbone WAN Other: I have these Cisco products: Switches Routers Other (specify models): I perform these types of tasks: H/W installation and/or maintenance S/W configuration Network management Other: I use these types of documentation: H/W installation H/W configuration S/W configuration Command reference Quick reference Release notes Onl
FIRST-CLASS MAIL PERMIT NO.
Cisco 1700 Series Router Software Configuration Guide Corporate Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
CONTENTS Preface xiii Objectives xiii Audience xiii Organization xiv Conventions xv Related Documentation xvi Obtaining Documentation xvi World Wide Web xvi Documentation CD-ROM xvi Ordering Documentation xvii Documentation Feedback xvii Obtaining Technical Assistance xviii Cisco.
Contents Using Commands 1-9 Abbreviating Commands 1-9 Command-Line Error Messages 1-9 Undoing Commands 1-10 Saving Configuration Changes 1-10 Using Debug Commands 1-11 Where to Go Next 1-12 CHA PTER 2 Configuring Security Features 2-1 Configuring IP Security 2-1 Disabling Hardware Encryption 2-3 Configuring a Virtual Private Dial-Up Network 2-5 Configuring Firewalls 2-5 Access Lists 2-6 Inspection Rules 2-8 CHA PTER 3 Miscellaneous Features 3-1 Configuring Dynamic Host Configuration Protocol 3-1 Conf
Contents VLAN Commands 4-6 clear vlan statistics 4-6 debug vlan packets 4-7 encapsulation dot1q 4-8 show vlans 4-9 CHA PTER 5 Configuring ISDN 5-1 Before You Begin 5-1 Dial-Up ISDN Connection to a Central-Site Router 5-2 Configuring Global Parameters 5-3 Configuring Security 5-4 Configuring the Fast Ethernet Interface 5-5 Configuring the ISDN Interface 5-6 Configuring Static Routes and Dialing Behavior 5-9 Configuring Command-Line Access to the Router 5-16 Troubleshooting 5-16 Dial-Up ISDN Connection wi
Contents Configuring the Fast Ethernet Interface 5-34 Clearing the ISDN Interface 5-35 Configuring the ISDN Subinterfaces 5-35 Configuring Dynamic IP Routing 5-36 Configuring Command-Line Access to the Router 5-38 Troubleshooting Problems with Leased Lines 5-38 Dial-In ISDN BRI Pool 5-39 Configuring Global Parameters 5-40 Configuring Security 5-41 Configuring the Fast Ethernet Interface 5-42 Configuring the ISDN Interfaces 5-43 Configuring a Dialer Interface 5-44 Configuring EIGRP Routing 5-45 Configuring
Contents CHA PTER 7 Configuring Frame Relay 7-1 Before You Begin 7-1 Frame Relay 7-2 Configuring Global Parameters 7-3 Configuring Security 7-4 Configuring the Fast Ethernet Interface 7-4 Configuring the Serial Interface for a Frame Relay Connection 7-5 Configuring the Point-to-Point Frame Relay Connection 7-6 Configuring Routing Parameters 7-10 Configuring Command-Line Access to the Router 7-10 Frame Relay with an Internal DSU/CSU 7-11 Configuring Global Parameters 7-12 Configuring Security 7-13 Configu
Contents ISDN as a Backup Connection with Dialer Profiles 7-29 Configuring Global Parameters 7-30 Configuring Security 7-32 Configuring the Fast Ethernet Interface 7-33 Configuring the Serial Interface 7-33 Configuring the Primary Connection to the First Central-Site Router 7-34 Configuring the Primary Connection to the Second Central-Site Router 7-35 Configuring the ISDN Interface 7-36 Configuring the Backup Connection to the First Central-Site Router 7-36 Configuring the Backup Connection to the Second C
Contents Configuring the Fast Ethernet Interface 8-4 Configuring the Asynchronous Interface 8-5 Configuring When the Router Dials 8-9 Configuring Command-Line Access to the Router 8-10 Asynchronous Dial-In Pool 8-11 Configuring Global Parameters 8-12 Configuring Security 8-13 Configuring the Fast Ethernet Interface 8-13 Configuring the Asynchronous Interfaces 8-14 Configuring Command-Line Access to the Router 8-15 Troubleshooting Asynchronous Problems 8-16 CHA PTER 9 Configuring X.
Contents Configuring the Fast Ethernet Interface 9-23 Configuring the ISDN Interface for X.25 9-23 Configuring the ISDN Subinterface for X.25 9-24 Configuring Command-Line Access to the Router 9-28 Troubleshooting X.25 Problems 9-29 APPENDIX A Networking Concepts A-1 WAN Technologies A-1 ISDN A-2 Frame Relay A-4 X.
Contents Disaster Recovery with TFTP Download B-5 TFTP Download Command Variables B-5 Using the TFTP Download Command B-7 Configuration Register B-8 Console Download B-10 Command Description B-10 Error Reporting B-11 Debug Commands B-12 INDEX Cisco 1700 Series Router Software Configuration Guide 78-5407-03 xi
Contents Cisco 1700 Series Router Software Configuration Guide xii 78-5407-03
Preface This preface describes the objectives, audience, organization, and conventions of the Cisco 1700 Series Router Software Configuration Guide. It also provides information about additional documentation and about how to obtain technical assistance. Objectives This software configuration guide explains how to configure Cisco 1700 routers. It does not cover every feature, but it does describe, in detail, the tasks most commonly required for configuring the router.
Preface Organization Organization This document contains the following chapters and appendixes: • Chapter 1, “Introduction to Router Configuration”—Describes what you need to know about the Cisco IOS software (the software that runs the router) before you begin to configure the router. • Chapter 2, “Configuring Security Features”—Describes how to configure security features on Cisco routers, including IP Security (IPSec), firewalls, and virtual private dial-up networks (VPDNs).
Preface Conventions Conventions This document uses the following conventions: • The caret character (^) represents the Control key. For example, the key combinations ^D and Ctrl-D mean the same thing: Hold down the Control key while you press the D key. Although keys are indicated in capital letters, they are not case sensitive. Command descriptions use these conventions: • Commands and keywords in boldface font. • Variables for which you supply values are in italic font.
Preface Related Documentation Related Documentation The following publications provide related information about this product: • Cisco IOS command references and configuration guides for Cisco IOS Release 12.2 provide complete information about all Cisco IOS CLI commands and how to use them, as well as information on designing and configuring LANs and WANs. • The Quick Start Guide that comes with your router has instructions for quickly cabling and powering up the router.
Preface Obtaining Documentation Ordering Documentation Cisco documentation is available in the following ways: • Registered Cisco Direct Customers can order Cisco product documentation from the Networking Products MarketPlace: http://www.cisco.com/cgi-bin/order/order_root.pl • Registered Cisco.com users can order the Documentation CD-ROM through the online Subscription Store: http://www.cisco.com/go/subscription • Nonregistered Cisco.
Preface Obtaining Technical Assistance Obtaining Technical Assistance Cisco provides Cisco.com as a starting point for all technical assistance. Customers and partners can obtain documentation, troubleshooting tips, and sample configurations from online tools by using the Cisco Technical Assistance Center (TAC) Web Site. Cisco.com registered users have complete access to the technical support resources on the Cisco TAC Web Site. Cisco.com Cisco.
Preface Obtaining Technical Assistance Inquiries to Cisco TAC are categorized according to the urgency of the issue: • Priority level 4 (P4)—You need information or assistance concerning Cisco product capabilities, product installation, or basic product configuration. • Priority level 3 (P3)—Your network performance is degraded. Network functionality is noticeably impaired, but most business operations continue.
Preface Obtaining Technical Assistance Cisco TAC Escalation Center The Cisco TAC Escalation Center addresses issues that are classified as priority level 1 or priority level 2; these classifications are assigned when severe network degradation significantly impacts business operations. When you contact the TAC Escalation Center with a P1 or P2 problem, a Cisco TAC engineer will automatically open a case.
C H A P T E R 1 Introduction to Router Configuration If you understand Cisco IOS software (the software that runs your router) and you are experienced in configuring network devices, you can use the Cisco IOS command-line interface (CLI) to configure your router. This guide will help you use Cisco IOS software to configure your router. This chapter tells you what you need to know before you begin configuring your router with Cisco IOS software.
Chapter 1 Introduction to Router Configuration Configuring the Router from a PC Configuring the Router from a PC If you are configuring your router from a PC (not a dumb terminal), you need a type of communications software called terminal emulation software. The PC uses this software to send commands to your router. Table 1-1 lists some common names for this software, based on the type of PC you are using.
Chapter 1 Introduction to Router Configuration Understanding Command Modes You use the following Cisco IOS command modes when configuring the scenarios described in this document: Note • User EXEC • Privileged EXEC • Global configuration • Interface configuration • Router configuration • Line configuration Throughout the examples in this guide, there are steps for verifying your router configuration by using different Cisco IOS commands.
Chapter 1 Introduction to Router Configuration Understanding Command Modes Table 1-2 Command Modes Summary Mode Access Method Prompt Exit Method About This Mode1 User EXEC Begin a session with your router. Router> Enter the logout command. Use this mode to Privileged EXEC Enter the enable Router# command while in user EXEC mode. • • To exit to user EXEC mode, enter the disable command. To enter global configuration mode, enter the configure command. • Change terminal settings.
Chapter 1 Introduction to Router Configuration Understanding Command Modes Table 1-2 Command Modes Summary (continued) Mode Access Method Global configuration Router(config)# Enter the configure command while in privileged EXEC mode. Interface configuration Enter the interface command (with a specific interface) while in the global configuration mode. Prompt Exit Method Router(configif)# • To exit to privileged EXEC mode, enter the exit or end command, or press Ctrl-Z.
Chapter 1 Introduction to Router Configuration Getting Help Table 1-2 Command Modes Summary (continued) Mode Access Method Prompt Router configuration Enter your router command, followed by the appropriate keyword, while in global configuration mode. Router(configrouter)# Line configuration Router(configSpecify a line with the line vty line)# command while in the global configuration mode. Exit Method • To exit to global configuration mode, enter the end command.
Chapter 1 Introduction to Router Configuration Enable Secret and Enable Passwords • Enter a command, a space, and a question mark to see a list of the available keywords (and a short definition of the keywords) that can be used with the command: Router (config-if)# snapshot ? client Enable client control of Snapshot routing server Send routing updates out this link when updates are received • Enter a command, a keyword, a space, and a question mark to see a list of the range of values (and a short defi
Chapter 1 Introduction to Router Configuration Entering Configuration Mode For maximum security, the passwords should be different. If you enter the same password for both during the setup process, your router accepts the passwords but warns you that they should be different. An enable secret password can contain from 1 to 25 uppercase and lowercase alphanumeric characters. An enable password can contain any number of uppercase and lowercase alphanumeric characters.
Chapter 1 Introduction to Router Configuration Using Commands You can now make changes to your router configuration. Using Commands This section provides some tips about entering Cisco IOS commands at the CLI. Abbreviating Commands You have to enter only enough characters for the router to recognize the command as unique. This example show how to enter the show configuration command: Router# show conf Using 385 out of 7506 bytes ! version 12.2 no service udp-small-servers no service tcp-small-servers .
Chapter 1 Introduction to Router Configuration Saving Configuration Changes Table 1-3 Common CLI Error Messages Error Message Meaning How to Get Help % Ambiguous command: "show con" You did not enter enough characters Reenter the command, followed by for your router to recognize the a question mark (?), with no space command. between the command and the question mark. The possible keywords that you can use with the command are displayed. % Incomplete command.
Chapter 1 Introduction to Router Configuration Using Debug Commands Building configuration... Saving the configuration to NVRAM might require a minute or two. After the configuration has been saved, the following appears: [OK] Router# Using Debug Commands Debug command are provided for most of the configurations in this document. You can use the debug commands to troubleshoot any configuration problems that you might be having on your network.
Chapter 1 Introduction to Router Configuration Where to Go Next Where to Go Next Now that you have learned some Cisco IOS software basics, you can begin to configure your router. Keep in mind the following tips: • You can use the question mark (?) and arrow keys to help you enter commands. • Each command mode restricts you to a set of commands. If you are having difficulty entering a command, check the prompt, and then enter the question mark (?) for a list of available commands.
C H A P T E R 2 Configuring Security Features This chapter presents basic configuration procedures for security features in the Cisco 1700 series routers. For a full description of these features and their configurations, please refer to the Cisco IOS command references and configuration guides for Cisco IOS Release 12.2.
Chapter 2 Configuring Security Features Configuring IP Security Command Task Step 1 crypto isakmp policy 10 Define an Internet Key Exchange (IKE) policy, and assign the policy a priority. This command places the router in IKE policy configuration mode. Step 2 hash algorithm Specify the hash algorithm for the policy. Step 3 encryption encryption Specify the encryption for the policy. Step 4 authentication pre-share Specify pre-share key as the authentication method.
Chapter 2 Configuring Security Features Configuring IP Security Disabling Hardware Encryption If your Cisco 1700 series router is equipped with an optional Virtual Private Network (VPN) module, it provides hardware 3DES encryption by default. If you wish, you can disable the VPN module and use Cisco IOS software encryption/decryption instead. The command that disables the VPN module is as follows: no crypto engine accelerator The command is executed in configuration mode.
Chapter 2 Configuring Security Features Configuring IP Security To reenable the VPN module, use the following command: crypto engine accelerator For example: Router(config)#crypto engine accelerator Warning! all current connections will be torn down. Do you want to continue? [yes|no]:yes . switching to crypto accelerator.
Chapter 2 Configuring Security Features Configuring a Virtual Private Dial-Up Network Configuring a Virtual Private Dial-Up Network Complete the following tasks to configure a virtual private dial-up network (VPDN). Start in global configuration mode. Command Task Step 1 vpdn enable Enable VPDN. Step 2 no vpdn logging Disable VPDN logging. Step 3 vpdn-group tag Configure a VPDN group. Step 4 request-dialin Specify the dialing direction.
Chapter 2 Configuring Security Features Configuring Firewalls Access Lists Access lists are configured as standard or extended. A standard access list either permits or denies passage of packets from a designated source. An extended access list allows designation of both the destination and the source, and it allows designation of individual protocols to be permitted or denied passage. An access list is a series of commands with a common tag to bind them together. The tag is either a number or a name.
Chapter 2 Configuring Security Features Configuring Firewalls • All matching parameters must be true before a command permits or denies access to a packet. • There is an implicit “deny all” at the end of the sequence. Configuration Examples The following examples illustrate the configuration of standard numbered access lists and extended numbered access lists.
Chapter 2 Configuring Security Features Configuring Firewalls Configuring Extended Numbered Access Lists In the following example, access list 102, an extended numbered access list, is defined. The first command permits any incoming TCP messages with destination ports greater than 1023. The second command permits incoming TCP messages to the Simple Mail Transfer Protocol (SMTP) port of host 128.88.1.2.
3 C H A P T E R Miscellaneous Features This chapter presents basic configuration procedures for miscellaneous features of the Cisco 1700 series routers. It contains the following sections: • Configuring Dynamic Host Configuration Protocol • Configuring Network Address Translation Configuring Dynamic Host Configuration Protocol The Dynamic Host Configuration Protocol (DHCP) is used to enable hosts (DHCP clients) on an IP network to obtain their configurations from a server (DHCP server).
Chapter 3 Miscellaneous Features Configuring Dynamic Host Configuration Protocol Perform the following tasks to configure DHCP. Begin in global configuration mode. Command Task Step 1 ip dhcp excluded-address low-ip-address high-ip-address Prevent DHCP from assigning one or more IP addresses to potential clients. Step 2 ip dhcp pool name Enter DHCP configuration mode, and create a pool of IP addresses that can be assigned to DHCP clients.
Chapter 3 Miscellaneous Features Configuring Network Address Translation dns-server 172.16.1.102 172.16.2.102 netbios-name-server 172.16.1.103 172.16.2.103 netbios-node-type h-node ! ip dhcp pool 1 network 172.16.1.0 /24 default-router 172.16.1.100 172.16.1.101 lease 30 ! ip dhcp pool 2 network 172.16.2.0 /24 default-router 172.16.2.100 172.16.2.
Chapter 3 Miscellaneous Features Configuring Network Address Translation Configuration Example In this example, we want NAT to allow certain devices on the inside to originate communication with devices on the outside by translating their internal addresses to valid outside addresses or a pool of addresses. The pool in this example is defined as the range of addresses from 172.16.10.1 through 172.16.10.63. In order to accomplish this translation, we need to use dynamic NAT.
Chapter 3 Miscellaneous Features Configuring Network Address Translation Then indicate that any packet received on the inside interface, as permitted by access list 7, will have its source address translated to an address from the NAT pool “no-overload.” ip nat inside source list 7 pool no-overload Alternatively, when all inside addresses are translated to a single outside address, define a NAT pool named “ovrld,” which has a range of a single IP address: 172.16.10.1. ip nat pool ovrld 172.16.10.1 172.
Chapter 3 Miscellaneous Features Configuring Network Address Translation Cisco 1700 Series Router Software Configuration Guide 3-6 78-5407-03
C H A P T E R 4 Configuring Routing Among VLANs with IEEE 802.1Q Encapsulation This chapter describes the required and optional tasks for configuring routing between virtual LANs (VLANs) with IEEE 802.1Q encapsulation. For complete descriptions of the VLAN commands used in this chapter, refer to the “Cisco IOS Switching Commands” chapter in the Cisco IOS Switching Services Command Reference.
Chapter 4 IEEE 802.1Q Encapsulation Configuration Task List Configuring Routing Among VLANs with IEEE 802.1Q Encapsulation IEEE 802.1Q Encapsulation Configuration Task List You can configure routing among any number of VLANs in your network. This section provides procedures for configuring protocols supported with IEEE 802.1Q encapsulation. The basic process is the same, regardless of the protocol.
Chapter 4 Configuring Routing Among VLANs with IEEE 802.1Q Encapsulation IEEE 802.1Q Encapsulation Configuration Task List Once you have IP routing enabled on the router, you can customize the characteristics to suit your environment. If necessary, refer to the IP configuration chapters in the Cisco IOS IP and IP Routing Configuration Guide for guidelines on configuring IP. Defining the VLAN Encapsulation Format To define the encapsulation format as IEEE 802.
Chapter 4 IEEE 802.1Q Encapsulation Configuration Task List Configuring Routing Among VLANs with IEEE 802.1Q Encapsulation Configuring IPX Routing over IEEE 802.1Q Internet Packet Exchange (IPX) Routing over IEEE 802.1Q VLANs extends Novell NetWare routing capabilities to include support for routing Novell Ethernet 802.3 encapsulation frame types in VLAN configurations. Users with Novell NetWare environments can configure Novell Ethernet 802.3 encapsulation frames to be routed, using IEEE 802.
Chapter 4 Configuring Routing Among VLANs with IEEE 802.1Q Encapsulation Examples of IEEE 802.1Q Encapsulation Configuration Defining the VLAN Encapsulation Format To define the encapsulation format as IEEE 802.1Q, use the following commands in interface configuration mode. Command Task Step 1 interface fastethernet slot/port.subinterface-number1 Specify the subinterface on which IEEE 802.1Q will be used. Step 2 encapsulation dot1q vlan-identifier Define the encapsulation format as IEEE 802.
Chapter 4 Configuring Routing Among VLANs with IEEE 802.1Q Encapsulation VLAN Commands Configuring IP Routing over IEEE 802.1Q This configuration example shows IP being routed on VLAN 101: ! ip routing ! interface fastethernet 0.101 encapsulation dot1q 101 ip addr 10.0.0.11 255.0.0.0 ! Configuring IPX Routing over IEEE 802.1Q This configuration example shows IPX being routed on VLAN 102: ! ipx routing ! interface fastethernet 0.
Chapter 4 Configuring Routing Among VLANs with IEEE 802.1Q Encapsulation VLAN Commands Syntax Description This command has no arguments or keywords. Default No default behavior or values. Command Mode Privileged EXEC.
Chapter 4 Configuring Routing Among VLANs with IEEE 802.1Q Encapsulation VLAN Commands Usage Guidelines The debug vlan packets command displays only packets with a VLAN identifier that the router is not configured to support. This command allows you to identify other VLAN traffic on the network. Virtual LAN packets that the router is configured to route or switch are counted and indicated when you use the show vlans command.
Chapter 4 Configuring Routing Among VLANs with IEEE 802.1Q Encapsulation VLAN Commands Usage Guidelines IEEE 802.1Q encapsulation is configurable on Fast Ethernet interfaces. Example The following example encapsulates VLAN traffic, using the IEEE 802.1Q protocol for VLAN 100: interface fastethernet 0.100 encapsulation dot1q 100 show vlans To view VLAN subinterfaces, use the show vlans privileged EXEC command: show vlans Syntax Description This command has no arguments or keywords.
Chapter 4 Configuring Routing Among VLANs with IEEE 802.1Q Encapsulation VLAN Commands Virtual LAN ID:100 (IEEE 802.1Q Encapsulation) vLAN Trunk Interface: FastEthernet0.100 Protocols Configured: Address: Received: Transmitted: IP 100.0.0.2 10 10 Virtual LAN ID:2500 (IEEE 802.1Q Encapsulation) vLAN Trunk Interface: FastEthernet0.200 Protocols Configured: Address: Received: Transmitted: IP 200.0.0.2 5 5 Table 4-1 describes the fields shown in the output.
C H A P T E R 5 Configuring ISDN This chapter describes how to configure a Cisco router to dial into a central-site router over an ISDN line and provides verification steps and troubleshooting tips.
Chapter 5 Configuring ISDN Dial-Up ISDN Connection to a Central-Site Router Before you begin configuration, be aware of the following: Note • You need to enter the commands in the order shown in the task tables. • The values shown in italic are examples. For the values shown, you should instead enter values appropriate for your network. • You should be familiar with Cisco IOS software and its conventions.
Chapter 5 Configuring ISDN Dial-Up ISDN Connection to a Central-Site Router Figure 5-1 shows the configuration example used in this section. ISDN Configuration Example—Dial-Up ISDN Connection to Central Site Router ISDN interface addresses Remote site IP: 192.168.37.40 IP: 172.16.25.42 ISDN 1700 Central site Hostname: 1700 Router Username: HQ Phone: 5552053 PPP password: guessme IP network: 172.16.25.0/27 14316 Figure 5-1 IP network: 192.168.37.
Chapter 5 Configuring ISDN Dial-Up ISDN Connection to a Central-Site Router Step 4 Step 5 Command Task isdn switch-type basic-ni Configure the type of central office switch used on the ISDN interface. Use the keyword that matches the ISDN switch type that you are using: ipx routing 0060.834f.
Chapter 5 Configuring ISDN Dial-Up ISDN Connection to a Central-Site Router Command Task Step 1 enable password Specify a password to prevent unauthorized access to the router. Step 2 hostname Router Configure the router with a host name, which is used in prompts and default configuration file names. For PPP authentication, the host name entered with this command must match the username of the central-site router.
Chapter 5 Configuring ISDN Dial-Up ISDN Connection to a Central-Site Router Command Task Step 4 no shutdown Enable the interface and the configuration changes you have just made on the interface. Step 5 exit Exit configuration mode for this interface.
Chapter 5 Configuring ISDN Dial-Up ISDN Connection to a Central-Site Router Command Task Step 1 interface BRI0 Enter configuration mode for the ISDN interface. Step 2 description ISDN connectivity Add a description of this interface to help you remember what is attached to it. Step 3 isdn spid1 555987601 Enter the service profile identifier (SPID) number assigned by the ISDN service provider to the B1 channel.
Chapter 5 Configuring ISDN Dial-Up ISDN Connection to a Central-Site Router Command Task Step 10 dialer map ipx 123.0000.0003.eccb name HQ broadcast 5552053 (Optional) Configure this interface to call multiple sites, based on IPX address and dialer string (phone number). Step 11 dialer load-threshold 70 Configure bandwidth on demand by setting the maximum load before the router places another call to a destination. Step 12 dialer-group 1 Assign the dialer interface to a dialer group.
Chapter 5 Configuring ISDN Dial-Up ISDN Connection to a Central-Site Router Layer 3 Status: No Active Layer 3 Call(s) Activated dsl 0 CCBs = 0 Total Allocated ISDN CCBs = Step 2 Confirm that the current ISDN switch type matches the actual switch type that you are using. In the output example, the switch type is “basic-5ess.” Step 3 Confirm that the “Layer 1 status: ACTIVE” message appears in the command output. In the output example, the status is “ACTIVE.
Chapter 5 Configuring ISDN Dial-Up ISDN Connection to a Central-Site Router Command Task Step 1 ip route 0.0.0.0 0.0.0.0 192.168.37.40 Establish a static IP route to the remote network. Step 2 ip route 192.168.37.40 255.255.255.255 BRI0 Establish a static IP route to the central-site router through this interface. Step 3 access-list 101 permit icmp any any Define a standard access list based on Internet Control Message Protocol (ICMP) traffic.
Chapter 5 Configuring ISDN Dial-Up ISDN Connection to a Central-Site Router Verifying Your Configuration You can verify your configuration to this point by • Confirming the Static IP Route • Confirming the IPX Route • Confirming Connectivity to the Central-Site Router • Confirming Multilink PPP Configuration for the B1 Channel • Confirming Multilink PPP Configuration for the B2 Channel Confirming the Static IP Route You can verify your configuration by confirming the static IP route: Step 1 Fro
Chapter 5 Configuring ISDN Dial-Up ISDN Connection to a Central-Site Router R - RIP, E - EIGRP, N - NLSP, X - External, A - Aggregate s - seconds, u - uses 2 Total IPX routes. Up to 1 parallel paths and 16 hops allowed. No default route known. C 123 (PPP), BR0 Step 2 Confirm that the IPX network number (123, in this example) matches the IPX network number that you configured with the ipx network command when you configured the Fast Ethernet interface.
Chapter 5 Configuring ISDN Dial-Up ISDN Connection to a Central-Site Router Step 3 To continue configuration, reenter global configuration mode. Confirming Multilink PPP Configuration for the B1 Channel Perform the two verification procedures in this section to verify that multilink PPP is configured on the ISDN B1 channel.
Chapter 5 Configuring ISDN Dial-Up ISDN Connection to a Central-Site Router For the second verification procedure, perform these steps: Step 1 From the privileged EXEC command mode, confirm that the ISDN line is connected to the remote site by entering the ping command, followed by the IP address of the central-site router: Router# ping 192.168.37.40 Step 2 Enter the show interface virtual-access 1 command.
Chapter 5 Configuring ISDN Dial-Up ISDN Connection to a Central-Site Router Confirming Multilink PPP Configuration for the B2 Channel Perform the two procedure in this section to verify that multilink PPP is configured on the ISDN B2 channel. Step 1 From the privileged EXEC command mode, confirm that the ISDN line is connected to the remote site by entering the ping command, followed by the IP address of the central-site router: Router# ping 192.168.37.
Chapter 5 Configuring ISDN Dial-Up ISDN Connection to a Central-Site Router Configuring Command-Line Access to the Router Follow these steps to configure some parameters that control access to the router. Command Task Step 1 line console 0 Specify the console terminal line. Step 2 exec-timeout 5 Set the interval that the EXEC command interpreter waits until user input is detected. Step 3 line vty 0 4 Specify a virtual terminal for remote console access.
Chapter 5 Configuring ISDN Dial-Up ISDN Connection with Dialer Profiles • debug isdn q921 • debug ppp negotiation • debug ppp authentication • debug ppp multilink events Dial-Up ISDN Connection with Dialer Profiles This section describes how to configure dialer profiles for ISDN. If you followed the instructions for configuring ISDN in the previous sections of this chapter, you might not have to perform all of the steps shown in this section.
Chapter 5 Configuring ISDN Dial-Up ISDN Connection with Dialer Profiles Configuring Global Parameters Follow these steps to configure the router for global parameters. Command Task Step 1 configure terminal Enter configuration mode. Step 2 service timestamps debug datetime msec Configure the router to show the date and time of all debug messages. This command is optional, but it is recommended if you use debug commands to troubleshoot your configuration.
Chapter 5 Configuring ISDN Dial-Up ISDN Connection with Dialer Profiles Step 4 Command Task isdn switch-type basic-ni Configure the type of central office switch being used on the ISDN interface.
Chapter 5 Configuring ISDN Dial-Up ISDN Connection with Dialer Profiles Layer 2 Status: TEI = 80, State = MULTIPLE_FRAME_ESTABLISHED Layer 3 Status: No Active Layer 3 Call(s) Activated dsl 0 CCBs = 0 Total Allocated ISDN CCBs = Step 2 Confirm that the current ISDN switch type matches the actual switch type that you are using. Step 3 Confirm that the “Layer 1 status: ACTIVE” message appears in the command output, as shown in the output example.
Chapter 5 Configuring ISDN Dial-Up ISDN Connection with Dialer Profiles Configuring Security Follow these steps to configure the router with security measures. Step 1 Command Task hostname Router Configure the router with a host name, which is used in prompts and default configuration filenames. For PPP authentication, the host name entered with this command must match the username of the central-site router.
Chapter 5 Configuring ISDN Dial-Up ISDN Connection with Dialer Profiles Configuring the ISDN Interface Follow these steps to configure the ISDN interface, which connects the router to the central-site router over the wide-area network. Command Task Step 1 interface BRI0 Enter configuration mode for the ISDN interface. Step 2 description ISDN connectivity Add a description of the ISDN interface to help you remember what is attached to it.
Chapter 5 Configuring ISDN Dial-Up ISDN Connection with Dialer Profiles Command Task Step 10 no shutdown Enable the interface and the configuration changes you have just made on the interface. Step 11 exit Exit configuration mode for this interface. Configuring the Dialer Interface Follow these steps to create a dialer interface and configure it for dial-on-demand routing (DDR). Command Task Step 1 interface Dialer10 Create a dialer interface.
Chapter 5 Configuring ISDN Dial-Up ISDN Connection with Dialer Profiles Command Task Step 11 ppp authentication chap pap Enable CHAP and PAP authentication on this interface. CHAP authentication is attempted first. If the central-site router does not support CHAP, then PAP is used for authentication. Step 12 ppp multilink Enable multilink PPP on this interface. Step 13 no shutdown Enable the interface and the configuration changes you have just made on the interface.
Chapter 5 Configuring ISDN Dial-Up ISDN Connection with Dialer Profiles Encapsulation PPP, loopback not set, keepalive set (10 sec) LCP Open, multilink Open Last input 00:00:00, output 00:00:00, output hang never Last clearing of "show interface" counters never Queueing strategy: fifo... Step 6 To continue configuration, reenter global configuration mode. Configuring When the Router Dials Out Follow these steps to configure parameters that control how and when the router dials the central-site router.
Chapter 5 Configuring ISDN Dial-Up ISDN Connection with Dialer Profiles Command Task Step 9 dialer-list 1 protocol ip list 101 Specify an access list both by list number and by protocol (IP) to define the packets of interest that can trigger a call to the destination. Step 10 dialer-list 1 protocol ipx list 900 Specify an access list both by list number and by protocol (IPX) to define the packets of interest that can trigger a call to the destination.
Chapter 5 Configuring ISDN Dial-Up ISDN Connection with Dialer Profiles Confirming Connectivity to the Central-Site Router You can verify your configuration to this point by testing connectivity to the central-site router, as follows: Step 1 From the privileged EXEC command mode, enter the ping command, followed by the IP address of the central-site route to have the router dial the central-site router. You should see output similar to the following: Router# ping 192.168.37.
Chapter 5 Configuring ISDN Dial-Up ISDN Connection with Dialer Profiles *Mar 1 03:37:47.923: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to up *Mar 1 03:35:57.217: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 5552053 HQ If the success rate, as shown in the command output, is 100 percent, this verification step is successful. Step 4 To continue configuration, reenter global configuration mode.
Chapter 5 Configuring ISDN Leased-Line ISDN Connection to a Central-Site Router Troubleshooting Dialer Profile Problems If you are having problems, or if the output that you received during the verification steps is very different from that shown in the command output examples, you can troubleshoot your router, using the Cisco IOS debug commands. The debug commands provide extensive command output that is not included in this document.
Chapter 5 Configuring ISDN Leased-Line ISDN Connection to a Central-Site Router In addition to the assumptions described in the “Before You Begin” section at the beginning of this chapter, this configuration is based on the additional assumption that both ISDN B channels are connecting to the same central-site router.
Chapter 5 Configuring ISDN Leased-Line ISDN Connection to a Central-Site Router Command Task Step 1 configure terminal Enter configuration mode. Step 2 service timestamps debug datetime msec Configure the router to show the date and time of all debug messages. This command is optional, but it is recommended if you use debug commands to troubleshoot your configuration. Step 3 service timestamps log datetime msec Configure the router to show the date and time of all log messages.
Chapter 5 Configuring ISDN Leased-Line ISDN Connection to a Central-Site Router Step 4 Command Task isdn switch-type basic-ni Configure the type of central office switch used on the ISDN interface.
Chapter 5 Configuring ISDN Leased-Line ISDN Connection to a Central-Site Router Command Task Step 1 enable password Specify a password to prevent unauthorized access to the router. Step 2 hostname Router Configure the router with a host name, which is used in prompts and default configuration filenames. For PPP authentication, the host name entered with this command must match the username of the central-site router.
Chapter 5 Configuring ISDN Leased-Line ISDN Connection to a Central-Site Router Command Task Step 1 multilink virtual-template 1 Define a virtual template from which this multilink PPP bundle interface can replicate its interface parameters. Step 2 isdn leased-line BRI0 128 Configure the BRI interface to use the ISDN physical connection as a leased-line service. If you want to combine both B channels into a single data pipe, enter the 128 keyword with this command.
Chapter 5 Configuring ISDN Leased-Line ISDN Connection to a Central-Site Router Command Task Step 9 no shutdown Enable the interface and the configuration changes you have just made on the interface. Step 10 exit Exit configuration mode for this interface. Clearing the ISDN Interface Follow these steps to clear the IP address from the ISDN interface. Command Task Step 1 interface BRI0 Enter configuration mode for the BRI interface.
Chapter 5 Configuring ISDN Leased-Line ISDN Connection to a Central-Site Router Command Task Step 6 ip unnumbered Virtual-Template1 Enable IP routing on this interface without assigning an IP address. Step 7 encapsulation ppp Set the encapsulation method on this interface to PPP. Step 8 ppp multilink Enable multilink PPP on this interface. Step 9 exit Exit configuration mode for this interface. Configuring Dynamic IP Routing Follow these steps to configure the router for dynamic IP routing.
Chapter 5 Configuring ISDN Leased-Line ISDN Connection to a Central-Site Router *Mar 1 03:37:46.923: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed state to up *Mar 1 03:37:46.939: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up *Mar 1 03:37:47.923: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to up *Mar 1 03:35:57.
Chapter 5 Configuring ISDN Leased-Line ISDN Connection to a Central-Site Router Configuring Command-Line Access to the Router Follow these steps to configure parameters that control access to the router, such as what type of terminal line is used with the router, how long the router waits for a user entry before it times out, and what password is used to start a terminal session with the router.
Chapter 5 Configuring ISDN Dial-In ISDN BRI Pool The following debug commands are helpful in troubleshooting an ISDN leased line. Follow these commands with the ping command to display debug output. • debug ppp negotiation • debug isdn events • debug q931 • debug q921 Dial-In ISDN BRI Pool This section describes how to configure a Cisco router with two ISDN BRI interfaces to function as a dial-in server.
Chapter 5 Configuring ISDN Dial-In ISDN BRI Pool Figure 5-4 ISDN Configuration Example—Dial-In ISDN BRI Pool Remote routers jason 172.16.12.6 Central site IP network 171.68.15.0 ISDN lines wei 172.16.12.7 Cisco 1700 sammy 172.16.12.8 tito 172.16.12.9 14484 Dialer rotary group IP address: 172.16.12.4 Configuring Global Parameters Follow these steps to configure global router parameters. Command Task Step 1 configure terminal Enter configuration mode.
Chapter 5 Configuring ISDN Dial-In ISDN BRI Pool Step 3 Command Task service timestamps log datetime msec Configure the router to show the date and time of all log messages. This command is optional, but it is recommended if you use the verification steps described in this guide. This feature is enabled for all the command output examples shown in this guide. Step 4 isdn switch-type basic-ni Configure the type of central office switch being used on the ISDN interface.
Chapter 5 Configuring ISDN Dial-In ISDN BRI Pool Command Task Step 1 enable password Specify a password to prevent unauthorized access to the router. Step 2 hostname Router Configure the router with a host name, which is used in prompts and default configuration filenames. For PPP authentication, the host name entered with this command must match the username of the central-site router.
Chapter 5 Configuring ISDN Dial-In ISDN BRI Pool Configuring the ISDN Interfaces Follow these steps to configure the two ISDN interfaces that accept calls from remote routers. Command Task Step 1 interface BRI0 Enter configuration mode for the first ISDN interface. Step 2 no ip address Remove any IP addresses that might be assigned to this interface. Step 3 encapsulation ppp Configure the interface for PPP packet encapsulation.
Chapter 5 Configuring ISDN Dial-In ISDN BRI Pool Command Task Step 13 no shutdown Enable this interface and the configuration changes you have just made. Step 14 exit Exit configuration mode for this interface. Configuring a Dialer Interface Follow these steps to configure the two ISDN interfaces as one dialer interface that accepts calls from remote routers. Command Task Step 1 interface dialer 100 Create a dialer rotary group interface, and enter configuration mode for that interface.
Chapter 5 Configuring ISDN Dial-In ISDN BRI Pool Command Task Step 7 dialer load-threshold 70 Configure bandwidth on demand by setting the maximum load before the router places another call to a destination. Step 8 dialer-group 1 Assign the dialer interface to a dialer group. Step 9 no fair-queue Disable weighted fair queuing on this interface. Step 10 ppp multilink Enable multilink PPP on this interface. Step 11 ppp authentication chap Enable CHAP or PAP authentication on this interface.
Chapter 5 Configuring ISDN Dial-In ISDN BRI Pool Configuring IP Static Routes and Dial-In Parameters Follow these steps to configure an IP static router and the access lists that define what type of network traffic the router will accept. Command Task Step 1 ip route 171.68.0.0 255.255.255.240 171.68.12.1 Configure an IP static route used to route data received from remote routers. Step 2 access-list 101 deny ip any host 255.255.255.255 Define a standard access list based on IP network variables.
Chapter 5 Configuring ISDN Dial-In ISDN BRI Pool Command Task Step 5 login Enable password checking at terminal session login. Step 6 end Exit configuration mode.
Chapter 5 Configuring ISDN Dial-In ISDN BRI Pool Cisco 1700 Series Router Software Configuration Guide 5-48 78-5407-03
C H A P T E R 6 Configuring a Leased Line The configuration in this chapter describes how to configure a Cisco router for IP and Internetwork Packet Exchange (IPX) over a synchronous serial line. Before You Begin The configuration in this chapter is based on the following assumptions: • Your Cisco router hardware is correctly installed in accordance with the Hardware Installation Guide for your Cisco router. • Your Cisco router is using multilink Point-to-Point Protocol (PPP).
Chapter 6 Configuring a Leased Line Before You Begin Note To use the verification steps described in this chapter, you must be familiar with Cisco IOS commands and command modes. When you use the verification steps, you need to change to different command modes. If you are not familiar with command modes, see the “Understanding Command Modes” section in the “Introduction to Router Configuration” chapter.
Chapter 6 Configuring a Leased Line Configuring Global Parameters Configuring Global Parameters Follow these steps to configure the router for global parameters. Command Task Step 1 configure terminal Enter configuration mode. Step 2 service timestamps debug datetime msec Configure the router to show the date and time of all debug messages. This command is optional, but it is recommended if you use debug commands to troubleshoot your configuration.
Chapter 6 Configuring a Leased Line Configuring the Fast Ethernet Interface Command Task Step 1 enable password Specify a password to prevent unauthorized access to the router. Step 2 hostname Router Configure the router with a host name, which is used in prompts and default configuration filenames. For PPP authentication, the host name entered with this command must match the username of the central-site router.
Chapter 6 Configuring a Leased Line Configuring the Serial Interface Configuring the Serial Interface Follow these steps to configure the serial interface, which connects your router to the central-site router. Command Task Step 1 interface serial0 Enter configuration mode for the serial interface. Step 2 description leased line to headquarters Add a description of this interface to help you remember what is attached to it.
Chapter 6 Configuring a Leased Line Configuring Command-Line Access to the Router Command Task Step 5 ip classless Configure the router to forward packets addressed to a subnet of a network with no network default route. Step 6 exit Exit router configuration mode. Configuring Command-Line Access to the Router Follow these steps to configure parameters that control access to the router. Command Task Step 1 line console 0 Specify the console terminal line, and enter line configuration mode.
Chapter 6 Configuring a Leased Line Troubleshooting Problems with Leased Lines MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255 Encapsulation PPP, loopback not set, keepalive set (10 sec) LCP Closed . . . Step 2 Confirm that the “Serial0 is up, line protocol is up” message appears, as shown in the command output example.
Chapter 6 Configuring a Leased Line Troubleshooting Problems with Leased Lines Table 6-1 Possible Causes of and Suggested Actions for Solving Problems with Leased Lines Line State Possible Cause Suggested Actions Serial0 is down, The router is not sensing a Carrier The following are some steps you can take line protocol is Detect (CD) signal as a result of one to isolate the problem: down. of the following: • Check the LEDs on the external DSU/CSU for CD activity.
Chapter 6 Configuring a Leased Line Troubleshooting Problems with Leased Lines Table 6-1 Possible Causes of and Suggested Actions for Solving Problems with Leased Lines Line State Possible Cause Serial0 is up, line protocol is up (looped). The following are some steps you can take The possible cause is that a loop to isolate the problem: exists in the circuit.
Chapter 6 Configuring a Leased Line Troubleshooting Problems with Leased Lines Cisco 1700 Series Router Software Configuration Guide 6-10 78-5407-03
C H A P T E R 7 Configuring Frame Relay This chapter tells how to configure the Cisco router to connect to a central-site router over a a Frame Relay line and provides verification steps and troubleshooting tips.
Chapter 7 Configuring Frame Relay Frame Relay Before you begin configuration, be aware of the following: Note • You need to enter the commands in the order shown in the task tables. • The values shown in italic are examples. For the values shown, you should instead enter values appropriate for your network. • You should be familiar with Cisco IOS software and its conventions. To use the verification steps described in this chapter, you must be familiar with Cisco IOS commands and command modes.
Chapter 7 Configuring Frame Relay Frame Relay Figure 7-1 Configuration Example—Frame Relay Remote site Serial subinterface 1 IP address: 192.168.39.41 Central site Frame Relay 1700 Router 14320 Ethernet IPX network: ABC IPX network: 987 Configuring Global Parameters Follow these steps to configure the router for global parameters. Command Task Step 1 configure terminal Enter configuration mode.
Chapter 7 Configuring Frame Relay Frame Relay Configuring Security Follow these steps to configure the router with security measures. Step 1 Command Task hostname Router Configure the router with a host name, which is used in prompts and default configuration filenames. For PPP authentication, the host name entered with this command must match the username of the central-site router. Step 2 enable password Specify a password to prevent unauthorized access to the router.
Chapter 7 Configuring Frame Relay Frame Relay Configuring the Serial Interface for a Frame Relay Connection Follow these steps to configure the serial interface for Frame Relay packet encapsulation. Command Task Step 1 interface Serial0 Enter configuration mode for the serial interface. Step 2 encapsulation frame-relay Set the encapsulation method on this interface to Frame Relay. Step 3 no shutdown Enable the configuration changes on this interface.
Chapter 7 Configuring Frame Relay Frame Relay Step 5 If there is no output after you enter the command, use the show interface serial0 command to determine whether the serial interface is active. An example of this command is in the next section, “Configuring the Point-to-Point Frame Relay Connection.
Chapter 7 Configuring Frame Relay Frame Relay Step 5 Command Task snapshot client 5 60 Enable snapshot routing. Because your router is dialing into a central-site router, it is considered the client router. The first number is the amount of “active time” (in minutes) during which routing updates are exchanged between your router and the central-site router. The second number is the amount of “quiet time” (in minutes) during which routing entries are frozen and remain unchanged.
Chapter 7 Configuring Frame Relay Frame Relay LMI enq recvd 39, LMI stat sent 0, LMI upd sent 0 LMI DLCI 1023 LMI type is CISCO frame relay DTE Broadcast queue 0/64, broadcasts sent/dropped 27/0, interface broadcasts 28 Last input 00:00:01, output 00:00:05, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0 (size/max/drops); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/64/0 (size/threshold/drops) Conversations 0/1 (active/max active) Reserved
Chapter 7 Configuring Frame Relay Frame Relay Confirming That the Frame Relay Maps are Active You can verify that the frame relay maps are active by performing the following steps: Step 1 From the privileged EXEC command mode, enter the show frame-relay map command. You should see output similar to the following: Router# show frame-relay map Serial0.
Chapter 7 Configuring Frame Relay Frame Relay Step 2 Note the percentage in the “Success rate” line, as shown in the example. If the success rate is 60 percent or greater, this verification step is successful. Step 3 To continue configuration, reenter global configuration mode. Configuring Routing Parameters Follow these steps to configure the Frame Relay interface for Enhanced Interior Gateway Routing Protocol (EIGRP) routing.
Chapter 7 Configuring Frame Relay Frame Relay with an Internal DSU/CSU Command Task Step 5 login Enable password checking at terminal session login. Step 6 end Exit configuration mode. Frame Relay with an Internal DSU/CSU This section tells how to configure the Cisco router with an internal data service unit/channel service unit (DSU/CSU) for Frame Relay.
Chapter 7 Configuring Frame Relay Frame Relay with an Internal DSU/CSU Configuring Global Parameters Follow these steps to configure the router for global parameters. Command Task Step 1 configure terminal Enter configuration mode. Step 2 service timestamps debug datetime msec Configure the router to show the date and time of all debug messages. This command is optional, but it is recommended if you use debug commands to troubleshoot your configuration.
Chapter 7 Configuring Frame Relay Frame Relay with an Internal DSU/CSU Configuring Security Follow these steps to configure the router with security measures. Step 1 Command Task hostname Router Configure the router with a host name, which is used in prompts and default configuration filenames. For PPP authentication, the host name entered with this command must match the username of the central-site router.
Chapter 7 Configuring Frame Relay Frame Relay with an Internal DSU/CSU Configuring the Frame Relay Interface Follow these steps to configure the serial interface, which connects your router to the central-site router over the wide-area network. Command Task Step 1 interface Serial0 Enter configuration mode for the serial interface. Step 2 no ip address Disable IP routing on this interface. Step 3 encapsulation frame-relay Set the encapsulation method on this interface to Frame Relay.
Chapter 7 Configuring Frame Relay Frame Relay with an Internal DSU/CSU Confirming That the Line Is Up You can verify that the line is up by performing the following steps: Step 1 From the privileged EXEC command mode, enter the show interface serial 0 command.
Chapter 7 Configuring Frame Relay Frame Relay with an Internal DSU/CSU Confirming That the Interface Is Receiving a Line Signal You can verify that the interface is receiving a line signal by performing the following steps: Step 1 From the privileged EXEC command mode, enter the show service module serial0 command.
Chapter 7 Configuring Frame Relay Frame Relay with an Internal DSU/CSU Command Task Step 5 ip address 192.168.38.41 255.255.255.0 Configure this interface with an IP address and a subnet mask. Step 6 ipx network 456 Enable IPX routing on this interface. Step 7 snapshot client 5 60 Enable snapshot routing. Because your router is dialing into a central-site router, it is considered the client router.
Chapter 7 Configuring Frame Relay ISDN as the Backup WAN Connection Command Task Step 3 ip classless Configure the router to forward packets addressed to a subnet of a network with no network default route. Step 4 exit Exit router configuration mode. Configuring Command-Line Access to the Router Follow these steps to configure parameters that control access to the router. Command Task Step 1 line console 0 Specify the console terminal line.
Chapter 7 Configuring Frame Relay ISDN as the Backup WAN Connection In addition to the assumptions listed in the “Before You Begin” section of this chapter, the configuration is based on the following assumptions: • Frame Relay is used as the primary WAN connection to the central site. • The ISDN line is used as the secondary WAN connection to the central site.
Chapter 7 Configuring Frame Relay ISDN as the Backup WAN Connection Configuring Global Parameters Follow these steps to configure the router for some global parameters. Command Task Step 1 configure terminal Enter configuration mode. Step 2 service timestamps debug datetime msec Configure the router to show the date and time of all debug messages. This command is optional, but it is recommended if you use debug commands to troubleshoot your configuration.
Chapter 7 Configuring Frame Relay ISDN as the Backup WAN Connection Step 5 Command Task isdn switch-type basic-ni Configure the type of central office switch being used on the ISDN interface.
Chapter 7 Configuring Frame Relay ISDN as the Backup WAN Connection Step 1 Command Task hostname Router Configure the router with a host name, which is used in prompts and default configuration filenames. For PPP authentication, the host name entered with this command must match the username of the central-site router. Step 2 enable password Specify a password to prevent unauthorized access to the router.
Chapter 7 Configuring Frame Relay ISDN as the Backup WAN Connection Command Task Step 4 no shutdown Enable the interface and the configuration changes that you have just made on the interface. Step 5 exit Exit configuration mode for the this interface. Configuring the Frame Relay Interface Follow these steps to configure the Frame Relay interface, which connects your router to the central-site router over the wide-area network.
Chapter 7 Configuring Frame Relay ISDN as the Backup WAN Connection Command Task Step 8 frame-relay interface-dlci 17 Assign a (DLCI) to the Frame Relay subinterface. Step 9 no shutdown Enable the interface and the configuration changes that you have just made on the interface. Step 10 exit Exit configuration mode for this interface. Configuring the ISDN Interface Follow these steps to configure the ISDN line to act as a backup connection in the event of failure of the Frame Relay connection.
Chapter 7 Configuring Frame Relay ISDN as the Backup WAN Connection Step 7 Command Task dialer string 5552053 Specify the telephone number that this interface dials to connect to the central-site router. This command is used when the interface is connecting to only a single remote site. Step 8 dialer-group 1 Assign this interface to a dialer group. Step 9 ppp authentication chap pap Enable CHAP and PAP authentication on this interface. CHAP authentication is attempted first.
Chapter 7 Configuring Frame Relay ISDN as the Backup WAN Connection *Mar 1 03:37:47.923: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to up *Mar 1 03:35:57.217: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 5552053 HQ Step 2 Wait for the “ISDN-6-CONNECT” message. Step 3 Enter the ping command, followed by the IP address of the central-site router, a second time: Router# ping 192.168.37.40 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.
Chapter 7 Configuring Frame Relay ISDN as the Backup WAN Connection Command Task Step 1 router eigrp 202 Configure the IP (EIGRP) routing process. Step 2 network 172.16.0.0 To specify a list of networks for the EIGRP routing process, enter the IP address of the directly connected network. Step 3 ip classless Specify that the router does not forward packets that are destined for a subnet of a network that has no network default route.
Chapter 7 Configuring Frame Relay ISDN as the Backup WAN Connection Verifying Your Configuration To verify your router configuration to this point, confirm that the ISDN connects dynamically to the remote site when the Frame Relay connection is disconnected. Follow these steps: Step 1 Remove the cable that connects the router to the Frame Relay services, or otherwise force the DLCI(s) to become inactive. This action brings the line protocol down.
Chapter 7 Configuring Frame Relay ISDN as a Backup Connection with Dialer Profiles Caution • debug ppp authentication • debug ppp multilink events If you are not familiar with Cisco IOS debug commands, you should read the “Using Debug Commands” section in the “Introduction to Router Configuration” chapter before attempting any debugging.
Chapter 7 Configuring Frame Relay ISDN as a Backup Connection with Dialer Profiles These are the major tasks in configuring your router: • Configuring Global Parameters • Configuring Security • Configuring the Fast Ethernet Interface • Configuring the Serial Interface • Configuring the Primary Connection to the First Central-Site Router • Configuring the Primary Connection to the Second Central-Site Router • Configuring the ISDN Interface • Configuring the Backup Connection to the First Ce
Chapter 7 Configuring Frame Relay ISDN as a Backup Connection with Dialer Profiles Step 4 Command Task isdn switch-type basic-ni Configure the type of central office switch being used on the ISDN interface.
Chapter 7 Configuring Frame Relay ISDN as a Backup Connection with Dialer Profiles Configuring Security Follow these steps to configure the router with security measures. Step 1 Command Task hostname Router Configure the router with a host name, which is used in prompts and default configuration filenames. For PPP authentication, the host name entered with this command must match the username of the central-site router.
Chapter 7 Configuring Frame Relay ISDN as a Backup Connection with Dialer Profiles Configuring the Fast Ethernet Interface Follow these steps to configure the Fast Ethernet interface, which connects your router to the local network. Command Task Step 1 interface fastethernet0 Enter configuration mode for this interface. Step 2 ip address 172.16.20.1 255.255.255.0 Configure this interface with an Ethernet address.
Chapter 7 Configuring Frame Relay ISDN as a Backup Connection with Dialer Profiles Configuring the Primary Connection to the First Central-Site Router Follow these steps to configure a Frame Relay connection to a central-site router. Command Task Step 1 interface serial0.1 point-to-point Create a subinterface, and enter configuration mode for the interface.
Chapter 7 Configuring Frame Relay ISDN as a Backup Connection with Dialer Profiles Configuring the Primary Connection to the Second Central-Site Router Follow these steps to configure a Frame Relay connection to a second central-site router. Command Task Step 1 interface serial0.2 point-to-point Create a subinterface, and enter configuration mode for the interface.
Chapter 7 Configuring Frame Relay ISDN as a Backup Connection with Dialer Profiles Configuring the ISDN Interface Follow these steps to configure the ISDN line to act as a backup connection in the event of failure of the Frame Relay connection. Command Task Step 1 interface BRI0 Enter configuration mode for this interface. Step 2 encapsulation ppp Configure this interface for PPP packet encapsulation. Step 3 dialer pool-member 1 Assign this interface to a dialer pool.
Chapter 7 Configuring Frame Relay ISDN as a Backup Connection with Dialer Profiles Command Task Step 4 ipx network DCBA Configure this interface with an IPX network number. Step 5 dialer remote-name HQ1 Configure the name of the central-site router that this interface dials. The name that you enter with this command should be the same name that you entered with the username password command in the “Configuring Security” section on page 7-32.
Chapter 7 Configuring Frame Relay ISDN as a Backup Connection with Dialer Profiles Step 1 Command Task interface Dialer2 Create an ISDN dialer interface, and enter configuration mode for the interface. The number that you assign in this command must match the number you assigned with the backup interface command when you configured the primary connection to the second central-site router. Step 2 ip unnumbered fastethernet0 Enable IP routing without assigning an IP address.
Chapter 7 Configuring Frame Relay ISDN as a Backup Connection with Dialer Profiles Command Task Step 11 no shutdown Enable the configuration changes for this interface. Step 12 exit Exit configuration mode for this subinterface. Configuring Routing Protocols Follow these steps to configure the router for EIGRP routing. Command Task Step 1 router eigrp 1 Configure the router for IP EIGRP routing. Step 2 network 172.16.0.0 Configure the IP network address for EIGRP routing.
Chapter 7 Configuring Frame Relay ISDN as a Backup Connection with Floating Static Routes ISDN as a Backup Connection with Floating Static Routes When the router makes routing decisions, static routes normally take precedence over learned routes. If you have configured static routes, the router usually sends data over these routes before using routes that it has learned and stored in the routing table.
Chapter 7 Configuring Frame Relay ISDN as a Backup Connection with Floating Static Routes Configuration Example—ISDN as Backup Connection with Floating Static Routes Remote site Ethernet interface IP address: 172.16.25.42 IPX network: 9876 Frame Relay 1700 Network addresses: IP: 172.16.25.0 IPX: ABC ISDN interface: IP unnumbered ISDN Central site Username: HQ Phone: 5552053 PPP password: guessme Router ISDN interface IP address: 192.168.41.
Chapter 7 Configuring Frame Relay ISDN as a Backup Connection with Floating Static Routes Configuring Global Parameters Follow these steps to configure the router for some global parameters. Command Task Step 1 configure terminal Enter configuration mode. Step 2 service timestamps debug datetime msec Configure the router to show the date and time of all debug messages. This command is optional, but it is recommended if you use debug commands to troubleshoot your configuration.
Chapter 7 Configuring Frame Relay ISDN as a Backup Connection with Floating Static Routes Step 4 Command Task isdn switch-type basic-ni Configure the type of central office switch being used on the ISDN interface.
Chapter 7 Configuring Frame Relay ISDN as a Backup Connection with Floating Static Routes Command Task Step 2 enable password Specify a password to prevent unauthorized access to the router. Step 3 username HQ password Specify the password used during caller identification and CHAP and PAP authentication. For CHAP and PAP authentication, the username entered with this command must match the host name of the central-site router.
Chapter 7 Configuring Frame Relay ISDN as a Backup Connection with Floating Static Routes Command Task Step 1 interface Serial0 Enter configuration mode for the serial interface. Step 2 no ip address Disable IP routing on this interface. Step 3 encapsulation frame-relay Set the encapsulation method on this interface to Frame Relay. Step 4 no shutdown Enable the interface and the configuration changes that you have just made on the interface.
Chapter 7 Configuring Frame Relay ISDN as a Backup Connection with Floating Static Routes Configuring the ISDN Interface Follow these steps to configure parameters for the ISDN interface, which connects your router to the central-site router if for some reason the Frame Relay connection fails. Command Task Step 1 interface BRI0 Enter configuration mode for the ISDN interface. Step 2 isdn spid1 555987601 Enter the SPID number assigned by the ISDN service provider to the B1 channel.
Chapter 7 Configuring Frame Relay ISDN as a Backup Connection with Floating Static Routes Command Task Step 10 dialer idle-timeout 300 Configure the ISDN line to go down after a specified number of seconds with no network traffic. Step 11 dialer string 5552053 Configure the telephone number that this interface dials to reach the central site. Step 12 dialer-group 1 Assign this interface to a dialer group. Step 13 no fair-queue Disable weighted fair queuing for this interface.
Chapter 7 Configuring Frame Relay ISDN as a Backup Connection with Floating Static Routes Command Task Step 4 ip classless Specify that the router does not forward packets that are destined for a subnet of a network that has no network default route. Step 5 exit Exit router configuration mode. Configuring When the Router Dials Out Follow these steps to configure access lists and static routes that determine when the ISDN line dials the central-site router. Command Task Step 1 ip route 0.0.0.
Chapter 7 Configuring Frame Relay ISDN as a Backup Connection with Floating Static Routes Command Task Step 11 ipx route 5E11 1234.0000.0c75.c689 floating-static Define a floating static IPX route to the central-site network. Step 12 ipx sap 4 MRKT_SERV 5E11.0000.0000.0001 452 2 Define a static route to an IPX server on the central-site network. Step 13 ipx sap 4 ENG_SERV CCB.0000.0000.0001 452 2 Define a static route to an IPX server on the central-site network.
Chapter 7 Configuring Frame Relay ISDN as a Backup Connection with Floating Static Routes Verifying Your Configuration Follow these steps to verify that the ISDN line is configured to back up the Frame Relay line: Step 1 Bring the Frame Relay connection down. This clears the routing table of all routes learned from the Frame Relay interface. Step 2 Use the ping command to test connectivity to any central-site router that is on the 192.168.0.0 network.
Chapter 7 Configuring Frame Relay ISDN as a Backup Connection with Floating Static Routes • debug ppp authentication • debug ppp multilink events Cisco 1700 Series Router Software Configuration Guide 78-5407-03 7-51
Chapter 7 Configuring Frame Relay ISDN as a Backup Connection with Floating Static Routes Cisco 1700 Series Router Software Configuration Guide 7-52 78-5407-03
C H A P T E R 8 Configuring Asynchronous Connections This chapter describes how to configure the Cisco router to dial into a central-site router over a standard telephone line and provides verification steps and troubleshooting tips.
Chapter 8 Configuring Asynchronous Connections Asynchronous Dial-Up Connection • Note You should be familiar with Cisco IOS software and its conventions. To use the verification steps described in this chapter, you must be familiar with Cisco IOS commands and command modes. When you use the verification steps, you need to change to different command modes. If you are not familiar with command modes, see the “Understanding Command Modes” section in the “Introduction to Router Configuration” chapter.
Chapter 8 Configuring Asynchronous Connections Asynchronous Dial-Up Connection Configuration Example—Asynchronous Dial-Up Connection Central site Remote site Asynchronous interface IP address: 192.168.39.40 IPX address: 9876.0000.0c06.e006 Asynchronous interface IP address: 192.168.39.
Chapter 8 Configuring Asynchronous Connections Asynchronous Dial-Up Connection Command Task Step 4 ipx routing 0060.834f.66dd Enable Internetwork Packet Exchange (IPX) routing and configure the router with an IPX address. Step 5 chat-script dialout “atdt\t” timeout 60 connect\c Create a script that causes the modem connected to the router to place a call to the central site. Configuring Security Follow these steps to configure the router with security measures.
Chapter 8 Configuring Asynchronous Connections Asynchronous Dial-Up Connection Configuring the Fast Ethernet Interface Follow these steps to configure the Fast Ethernet interface, which connects your router to the local network. Command Task Step 1 interface fastethernet0 Enter configuration mode for the Fast Ethernet interface. Step 2 ip address 172.16.25.42 255.255.255.224 Configure this interface with an IP address and a subnet mask.
Chapter 8 Configuring Asynchronous Connections Asynchronous Dial-Up Connection Command Task Step 6 dialer in-band Specify that dial-on-demand routing (DDR) is supported on this interface. Step 7 ipx route 1234 9876.0000.0c06.ecc6 Configure a static route to the central-site device. Step 8 snapshot client 5 60 Enable snapshot routing. Because your router is dialing into a central-site router, it is considered the client router.
Chapter 8 Configuring Asynchronous Connections Asynchronous Dial-Up Connection Command Task Step 18 stopb 1 Configure stop bits on the asynchronous line. Step 19 exit Exit line configuration mode.
Chapter 8 Configuring Asynchronous Connections Asynchronous Dial-Up Connection Verifying Your Configuration You can verify your configuration to this point by • Confirming Connectivity to the Central-Site Router • Confirming the Serial Interface Status • Confirming the Asynchronous Line Configuration Confirming Connectivity to the Central-Site Router Follow these steps to verify connectivity to the central-site router: Step 1 From the privileged EXEC command mode, enter the ping command, followed
Chapter 8 Configuring Asynchronous Connections Asynchronous Dial-Up Connection Step 3 To continue configuration, reenter global configuration mode. Confirming the Serial Interface Status Follow these steps to confirm the status of the serial interface: Step 1 From the privileged EXEC command mode, enter the show interface serial0 command.
Chapter 8 Configuring Asynchronous Connections Asynchronous Dial-Up Connection Confirming the Asynchronous Line Configuration Follow these steps to confirm the configuration of the asynchronous line: Step 1 From the privileged EXEC mode, enter the show line command.
Chapter 8 Configuring Asynchronous Connections Asynchronous Dial-Up Connection Command Task Step 1 interface Serial0 Enter configuration mode for the serial interface. Step 2 dialer map snapshot 1 name HQ Define a dialer map for snapshot routing. Step 3 dialer map ip 192.168.39.40 name HQ modem-script dialout 5552053 Configure a dialer map to send IP data over the modem line to the central-site router. Step 4 dialer map ipx 9876.0000.0c06.
Chapter 8 Configuring Asynchronous Connections Asynchronous Dial-In Pool Asynchronous Dial-In Pool This section describes how to configure a Cisco router with multiple asynchronous interfaces for dial-in connections. In this example, the Cisco router functions as the central-site router that accepts connections from remote users.
Chapter 8 Configuring Asynchronous Connections Asynchronous Dial-In Pool This configuration example includes multiple interfaces of the same type being configured with the same commands. When you enter commands for one of the multiple interfaces, you must enter interface configuration mode for the correct interface. Table 8-1 shows how the interfaces are numbered in this configuration example.
Chapter 8 Configuring Asynchronous Connections Asynchronous Dial-In Pool Configuring Security Follow these steps to configure the router with security measures. Command Task Step 1 service password-encryption Configure the router to encrypt passwords. Step 2 enable password Specify a password to prevent unauthorized access to the router. Step 3 hostname Router Configure the router with a host name, which is used in prompts and default configuration filenames.
Chapter 8 Configuring Asynchronous Connections Asynchronous Dial-In Pool Command Task Step 3 no shutdown Enable the interface and the configuration changes that you have just made on the interface. Step 4 exit Exit configuration mode for the interface. Configuring the Asynchronous Interfaces Follow these steps to configure how the four asynchronous interfaces will receive calls from remote routers.
Chapter 8 Configuring Asynchronous Connections Asynchronous Dial-In Pool Command Task Step 10 ip local pool dialin 192.168.39.239 192.168.39.254 Configure a local pool of IP addressees that are used when a remote router connects to the one of the asynchronous interfaces. The command defines the range of IP address that can be used, with the lowest IP address followed by the highest IP address.
Chapter 8 Configuring Asynchronous Connections Troubleshooting Asynchronous Problems Command Task Step 5 login Enable password checking at terminal session login. Step 6 end Exit configuration mode. Troubleshooting Asynchronous Problems If you are having problems or if the output that you received during the verification steps is very different from that shown in the command output examples, you can troubleshoot your router, using the Cisco IOS debug commands.
Chapter 8 Configuring Asynchronous Connections Troubleshooting Asynchronous Problems Cisco 1700 Series Router Software Configuration Guide 8-18 78-5407-03
C H A P T E R 9 Configuring X.25 This chapter describes how to configure the Cisco router to connect to a central-site router over an X.25 line or over an ISDN line and provides verification steps and troubleshooting tips. This chapter contains the following sections: • Before You Begin • X.25 • X.25 over ISDN B Channel • X.25 over ISDN D Channel • Troubleshooting X.
Chapter 9 Configuring X.25 X.25 Note To use the verification steps described in this chapter, you must be familiar with Cisco IOS commands and command modes. When you use the verification steps, you need to change to different command modes. If you are not familiar with command modes, see the “Understanding Command Modes” section in the “Introduction to Router Configuration” chapter. X.25 This section describes how to your router for a point-to-point X.25 WAN connection to the central-site router.
Chapter 9 Configuring X.25 X.25 Configuring Global Parameters Follow these steps to configure the router for global parameters. Command Task Step 1 configure terminal Enter configuration mode. Step 2 service timestamps debug datetime msec Configure the router to show the date and time of all debug messages. This command is optional, but it is recommended if you use debug commands to troubleshoot your configuration.
Chapter 9 Configuring X.25 X.25 Step 1 Command Task hostname Router Configure the router with a host name, which is used in prompts and default configuration filenames. For Point-to-Point Protocol (PPP) authentication, the host name entered with this command must match the username of the central-site router. Step 2 enable password Specify a password to prevent unauthorized access to the router.
Chapter 9 Configuring X.25 X.25 Command Task Step 1 interface Serial0 Enter configuration mode for the serial interface. Step 2 ip address 172.16.26.1 255.255.255.0 Configure this interface with an IP address. Step 3 encapsulation x25 Set the encapsulation type on this interface to X.25. Step 4 ipx network 9876 Enable IPX routing on this interface. Step 5 x25 address 5432 Set the X.121 address of this interface. Step 6 x25 map ip 172.16.26.
Chapter 9 Configuring X.25 X.25 Step 2 From the privileged EXEC command mode, enter the ping command, followed by the IP address of the central-site router: Router# ping 172.16.26.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echo to 192.168.39.41, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 20/20/20 ms Step 3 Confirm that the success rate shown in the output is 60 percent or greater.
Chapter 9 Configuring X.25 X.25 Step 4 Confirm that the success rate shown in the output is 60 percent or greater. This means that your router is successfully transferring data to the central-site router. Step 5 To continue configuration, reenter global configuration mode. Confirming That the Serial Interface Is Functioning Correctly Follow these steps to confirm that the serial interface is functioning correctly: Step 1 From the privileged EXEC command mode, enter the show interface serial0 command.
Chapter 9 Configuring X.25 X.25 Step 2 Check that the “line protocol is up” and the “State CONNECT” messages appear in the command output. If you do not see these messages, see the “X.25 over ISDN B Channel” section on page 9-10 for suggestions. Step 3 To continue configuration, reenter global configuration mode. Confirming That the X.25 Map Is Configured Correctly Follow these steps to confirm that the X.
Chapter 9 Configuring X.25 X.25 PS: 7 PR: 3 ACK: 3 Remote PR: 7 RCNT: 0 RNR: FALSE Retransmits: 0 Timer (secs): 0 Reassembly (bytes): 0 Held Fragments/Packets: 0/0 Bytes 1540/1724 Packets 15/19 Resets 0/0 RNRs 0/0 REJs 0/0 INTs 0/0 Step 2 Step 3 Look for the following messages in the output: • “SVC 1”—Means that the X.25 service is active for the X.25 interface. • “State: D1”—Means that there is an active virtual circuit on the X. 25 interface. • “Connects 2345 <-->”—Means that the X.
Chapter 9 Configuring X.25 X.25 over ISDN B Channel X.25 over ISDN B Channel This section describes how to configure the router to encapsulate IP and IPX packets as X.25 and how to route them over an ISDN B-channel connection. In addition to the assumptions described in the “Before You Begin” section in this chapter, this configuration is based on the assumption that you can only use one of the two ISDN B channels for this type of configuration.
Chapter 9 Configuring X.25 X.25 over ISDN B Channel Commamd Task Step 1 configure terminal Enter configuration mode. Step 2 service timestamps debug datetime msec Configure the router to show the date and time of all debug messages. This command is optional, but it is recommended if you use debug commands to troubleshoot your configuration. Step 3 service timestamps log datetime msec Configure the router to show the date and time of all log messages.
Chapter 9 Configuring X.25 X.25 over ISDN B Channel Step 5 Commamd Task isdn switch-type basic-ni Configure the type of central office switch being used on the ISDN interface.
Chapter 9 Configuring X.25 X.25 over ISDN B Channel Verifying Your Configuration You can verify your configuration to this point by confirming the ISDN line status as follows: Step 1 From the privileged EXEC command mode, enter the show isdn status command.
Chapter 9 Configuring X.25 X.25 over ISDN B Channel Configuring Security Follow these steps to configure the router with security measures. Step 1 Command Task hostname Router Configure the router with a host name, which is used in prompts and default configuration filenames. For PPP authentication, the host name entered with this command must match the username of the central-site router. Step 2 enable password Specify a password to prevent unauthorized access to the router.
Chapter 9 Configuring X.25 X.25 over ISDN B Channel Command Task Step 3 Enable the interface and the configuration changes that you have just made on the interface. no shutdown Step 4 exit Exit configuration mode for this interface. Configuring the ISDN Interface for X.25 Follow these steps to configure the ISDN interface, which connects your router to the central-site router over the wide-area network, for X.25 packet encapsulation.
Chapter 9 Configuring X.25 X.25 over ISDN B Channel Step 9 Command Task dialer map ip 192.168.39.40 name HQ 5558461 Configure this interface to place a call to multiple sites and to authenticate calls from multiple sites, based on IP address and dialer string. The name you enter after the name keyword in this command must match the name entered with the username command in the “Configuring Security” section on page 9-14. Step 10 dialer map ipx 9876.0000.0c03.
Chapter 9 Configuring X.25 X.25 over ISDN B Channel Confirming Connectivity with the Central-Site Router over IP Follow these steps to confirm connectivity with the central-site router over IP: Step 1 Confirm that your router X.25 connection is active. Step 2 From the privileged EXEC command mode, enter the ping command, followed by the IP address of the central-site router. You should see command output similar to the following: Router# ping 192.168.39.40 Type escape sequence to abort.
Chapter 9 Configuring X.25 X.25 over ISDN B Channel Note Substitute the IPX address of your central-site router for the IPX address shown in the example. Step 3 Confirm that the success rate shown in the output is 60 percent or greater. This means that your router is successfully transferring data to the central-site router. Step 4 To continue configuration, reenter global configuration mode. Confirming That the X.25 Map Is Configured Correctly Follow these steps to confirm that the X.
Chapter 9 Configuring X.25 X.25 over ISDN B Channel Confirming Switched Virtual Circuit and Permanent Virtual Circuit Information Follow these steps to confirm switched virtual circuit and permanent virtual circuit information: Step 1 From the privileged EXEC command mode, enter the show x25 vc command. You should see command output similar to the following: Router# show x25 vc SVC 1, State: D1, Interface: Serial0 Started 00:04:10, last input 00:00:26, output 00:00:33 Connects 2345 <--> ip 192.168.39.
Chapter 9 Configuring X.25 X.25 over ISDN D Channel Command Task Step 5 login Enable password checking at terminal session login. Step 6 end Exit configuration mode. X.25 over ISDN D Channel This section tells how to configure the router to send data as X.25 over an ISDN D-channel connection. This section also tells how to configure the router to encapsulate IP and IPX packets as X.25 and to then route them over an ISDN B-channel connection.
Chapter 9 Configuring X.25 X.25 over ISDN D Channel Configuring Global Parameters Follow these steps to configure global parameters. Step 1 Command Task configure terminal Enter configuration mode.
Chapter 9 Configuring X.25 X.25 over ISDN D Channel Step 2 Command Task ipx routing 0060.834f.66dd Enable IPX routing, and configure the router with an IPX address. If you do not know your router IPX address, you can enter this command without an address. The router then determines its own IPX address. You can then enter a write terminal command. The address will be displayed in the command output.
Chapter 9 Configuring X.25 X.25 over ISDN D Channel Step 1 Enter the show isdn status command.
Chapter 9 Configuring X.25 X.25 over ISDN D Channel Step 1 Command Task hostname Router Configure the router with a host name, which is used in prompts and default configuration filenames. For PPP authentication, the host name entered with this command must match the username of the remote device. Step 2 enable password Specify a password to prevent unauthorized access to the router.
Chapter 9 Configuring X.25 X.25 over ISDN D Channel Command Task Step 1 interface BRI0 Enter configuration mode for the ISDN interface. Step 2 ip address 192.168.40.41 255.255.255.0 Configure this interface with an IP address. Step 3 encapsulation ppp Set the encapsulation method on this interface to PPP. Step 4 isdn x25 dchannel Create a configurable interface for X.25 traffic over the ISDN D channel.
Chapter 9 Configuring X.25 X.25 over ISDN D Channel Command Task Step 1 interface BRI0:0 Enter configuration mode for the ISDN subinterface. Step 2 ip address 192.168.41.41 255.255.255.0 Configure this interface with an IP address and a subnet mask. Step 3 encapsulation x25 Set the encapsulation type on this interface to X.25. Step 4 ipx network 9876 Enable IPX routing on this interface. Step 5 x25 address 5432 Set the X.25 address of this interface.
Chapter 9 Configuring X.25 X.25 over ISDN D Channel Confirming Connectivity to the Remote Device over IP Follow these steps to confirm connectivity with the remote device over IP: Step 1 Enter the ping command, followed by the IP address of the remote device. You should see command output similar to the following: Router# ping 192.168.39.40 Type escape sequence to abort. Sending 5, 100-byte ICMP Echoes to 192.168.39.
Chapter 9 Configuring X.25 X.25 over ISDN D Channel Step 2 Check the success rate in the command output. If the success rate is below 100 percent, refer to the following “Troubleshooting X.25 Problems” section for suggestions. Note The modem might need time to synchronize with the central-site router. You might have to enter the ping command several times before you get a response. Confirming That the X.25 Map Is Configured Correctly Follow these steps to confirm that the X.
Chapter 9 Configuring X.25 X.25 over ISDN D Channel ip 172.16.26.1 ipx 9876.0000.0c03.ecc6 multiprotocol cud pid, standard Tx data PID Window size input: 2, output: 2 Packet size input: 128, output: 128 PS: 7 PR: 3 ACK: 3 Remote PR: 7 RCNT: 0 RNR: FALSE Retransmits: 0 Timer (secs): 0 Reassembly (bytes): 0 Held Fragments/Packets: 0/0 Bytes 1540/1724 Packets 15/19 Resets 0/0 RNRs 0/0 REJs 0/0 INTs 0/0 Step 2 Look for the following messages in the output: • “SVC 1”—Means that the X.
Chapter 9 Configuring X.25 Troubleshooting X.25 Problems Troubleshooting X.25 Problems If you are having problems or if the output that you received during the verification steps is very different from that shown in the command output examples, you can troubleshoot your router by performing some or all of the following suggested actions.
C H A P T E R A Networking Concepts This appendix describes concepts that can help you in designing your network and in configuring your router in accordance with the examples in this guide.
Chapter A Networking Concepts WAN Technologies ISDN ISDN is a set of digital services that is available through your local telephone company. ISDN digitizes information that is sent over the telephone network so that voice, data, text, graphics, music, video, and other material can be sent over existing telephone wire. ISDN Components ISDN components include terminals, terminal adapters (TAs), network termination devices, line-termination equipment, and exchange-termination equipment.
Chapter A Networking Concepts WAN Technologies Services There are two types of ISDN services: • Basic Rate Interface (BRI)—This service provides two B channels and one D channel. Each B channel operates at 64 kbps and carries user data. The D channel operates at 16 kbps and carries control and signaling information, although in certain circumstances it carries user data. BRI supports framing control and overhead, and the total bit rate is 192 kbps.
Chapter A Networking Concepts WAN Technologies Sample ISDN Network NT2 TE1 device (computer) S U T NT2 TE1 device (ISDN telephone) S R TE2 device (standard telephone) Packet network ISDN switch U NT2 S ISDN switch NT1 T TA Switched network NT1 Private-line network NT1 T S1307a Figure 0-1 U Frame Relay Frame Relay is a method of packet-switching that is used for communication between user devices (such as routers, bridges, and host machines) and network devices (such as switching nod
Chapter A Networking Concepts WAN Technologies • It uses fiber media/digital transmission links. These types of physical connections have a high level of data integrity, so Frame Relay does not need to perform error checking. Error checking is time-consuming and can decrease WAN performance. • It does not need to perform flow control procedures because these types of procedures are done by upper-layer protocols.
Chapter A Networking Concepts WAN Technologies X.25 X.25 is a method of packet switching that is used for communication between user devices (such as routers, bridges, and host machines) and network devices (such as switching nodes and modems). User devices are called data terminal equipment (DTE), and network devices are called data circuit-terminating equipment (DCE). With X.25, one computer calls another to request a communication session. The called computer can accept or refuse the connection.
Chapter A Networking Concepts CHAP and PAP Authentication CHAP and PAP Authentication In configuring your router, you must select a method of authentication. Authentication is used for security and for identifying who is calling in so that the called router can correctly forward packets to the correct interface. This is generally required when dialer rotary groups are used and multiple sites are calling into a single router.
Chapter A Networking Concepts Access Lists PAP Authentication Like CHAP, PAP is an authentication protocol used with PPP. However, PAP is less secure. CHAP passes an encrypted version of the password on the physical link, but PAP passes the password and host name or username in clear text. When interactive mode (rather than dedicated mode) is used on asynchronous lines, the username command allows a router to verify a username in an internal database before the user can call in to the router.
Chapter A Networking Concepts Dialer Interfaces and Dialer Profiles Dialer Interfaces and Dialer Profiles A dialer interface is a WAN interface on the router that is not continuously connected to a remote device; it dials the remote device whenever a connection is required. Configuring an interface on a Cisco router to dial a specific remote device at specific times requires configuring dialer profiles.
Chapter A Networking Concepts Network Address Translation on the minimum and maximum number of B channels reserved by any dialer pool. A channel reserved by a dialer pool remains idle until traffic is directed to the pool. When you use dialer profiles to configure dial-on-demand routing (DDR), the physical interface is configured only for encapsulation and for the dialer pools to which the interface belongs. All other characteristics used for making calls are defined in the dialer map.
Chapter A Networking Concepts Dynamic Host Configuration Protocol all external communications. In this type of configuration, relatively few external addresses are required to support many internal hosts, thus conserving IP addresses. Because the addressing scheme on the inside network may conflict with registered addresses already assigned within the Internet, NAT can support a separate address pool for overlapping networks and translate the addresses as appropriate.
Chapter A Networking Concepts Virtual LANs A VLAN can be thought of as a broadcast domain that exists within a defined set of switches. A VLAN consists of a number of end systems, either hosts or network equipment (such as bridges and routers), connected by a single bridging domain. The bridging domain is supported on various pieces of network equipment; for example, LAN switches that operate bridging protocols between them, with a separate bridge group for each VLAN.
Chapter A Networking Concepts Virtual LANs Security VLANs also improve security by isolating groups. High-security users can be grouped into a VLAN, possibly on the same physical segment, and no users outside that VLAN can communicate with them. Broadcast Control Just as switches isolate collision domains for attached hosts and forward only appropriate traffic out a particular port, VLANs provide complete isolation between VLANs.
Chapter A Networking Concepts Virtual LANs Procedures for configuring routing between VLANs with IEEE 802.1Q encapsulation are provided in Chapter 4, “Configuring Routing Among VLANs with IEEE 802.1Q Encapsulation.” VLAN Translation VLAN translation refers to the ability of the Cisco IOS software to translate between different virtual LANs or between VLAN and non-VLAN encapsulating interfaces at Layer 2.
Chapter A Networking Concepts Virtual LANs parts of the network that are either logically segmented by means of the more traditional subnet approach or that require access to remote sites across wide-area links.
Chapter A Networking Concepts Virtual LANs Cisco 1700 Series Router Software Configuration Guide A-16 78-5407-03
C H A P T E R B ROM Monitor This appendix describes the Cisco router ROM monitor (also called the bootstrap program). The ROM monitor firmware runs when the router is powered up or reset. The firmware helps to initialize the processor hardware and boot the operating system software. You can perform certain configuration tasks, such as recovering a lost password or downloading software over the console port, by using the ROM monitor.
Chapter B ROM Monitor Entering the ROM Monitor Follow these steps to configure the router to boot up in ROM monitor mode the next time it is rebooted. Command Router Prompt Task Step 1 enable Router> If there is an enable password configured, enter the enable command and the enable password to enter privileged EXEC mode. Step 2 configure terminal Router# Enter global configuration mode. Step 3 config-reg 0x0 Router(config)# Reset the configuration register.
Chapter B ROM Monitor ROM Monitor Commands ROM Monitor Commands Enter ? or help at the ROM monitor prompt to display a list of available commands and options, as follows: rommon 1 > alias boot break confreg cont context cookie dev dir dis dnld frame help history meminfo repeat reset set stack sync sysret tftpdnld unalias unset xmodem ? set and display aliases command boot up an external process set/show/clear the breakpoint configuration register utility continue executing a downloaded image display the
Chapter B ROM Monitor Command Descriptions Command Descriptions Table B-1 describes commonly used ROM monitor commands. Table 0-1 Common ROM Monitor Commands Command Description help or ? Displays a summary of all available ROM monitor commands.
Chapter B ROM Monitor Disaster Recovery with TFTP Download Table B-2 describes the ROM monitor boot commands. For more information about the ROM monitor boot commands, refer to the Cisco IOS Configuration Guide and Cisco IOS Command Reference publications. Table 0-2 Boot Commands Command Description b Boots the first image in Flash memory. b flash: [filename] Attempts to boot the image directly from the first partition of Flash memory.
Chapter B ROM Monitor Disaster Recovery with TFTP Download Note The commands described in this section are case sensitive and must be entered exactly as shown in the lists. Required Variables The following variables must be set with the commands shown before using the tftpdnld command: Variable Command IP address of the router. IP_ADDRESS= ip_address Subnet mask of the router. IP_SUBNET_MASK= ip_address IP address of the default gateway of the DEFAULT_GATEWAY= ip_address router.
Chapter B ROM Monitor Disaster Recovery with TFTP Download Variable Command Number of times the router attempts TFTP_RETRY_COUNT= ARP and TFTP download. The default retry_times is 7. Amount of time, in seconds, before the TFTP_TIMEOUT= time download process times out. The default is 2400 seconds (40 minutes). Configures how the router displays file TFTP_VERBOSE= setting download progress. 0—No progress is displayed. 1—Exclamation points (!!!) are displayed to indicate file download progress.
Chapter B ROM Monitor Configuration Register Note The -r variable is optional. Entering this variable downloads and boots the new software but does not save the software to Flash. You can then use the image that is in Flash the next time you enter the reload command in the Cisco IOS software CLI. You will see output similar to the following: IP_ADDRESS: 10.0.0.1 IP_SUBNET_MASK: 255.255.0.0 DEFAULT_GATEWAY: 1.3.0.1 TFTP_SERVER: 223.255.254.254 TFTP_FILE: c1700-bnr2sy-mz.
Chapter B ROM Monitor Configuration Register This will change the virtual configuration register to the value specified. The value is always interpreted as hexadecimal. Entering confreg without an argument displays the contents of the virtual configuration register and a prompt to alter the contents by describing the meaning of each bit.
Chapter B ROM Monitor Console Download Console Download You can use console download, a ROM monitor function, to download over the router console port either a software image or a configuration file. After downloading, the file is saved either to Flash memory or to main memory for execution (image files only). Use console download when you do not have access to a TFTP server.
Chapter B ROM Monitor Console Download Argument Description y Optional. Sets the router to perform the download using ymodem protocol. Default is xmodem protocol. The protocols differ as follows: • The xmodem protocol supports a 128-block transfer size, whereas the ymodem protocol supports a 1024-block transfer size. • The ymodem protocol uses 16-bit CRC error checking to validate each packet.
Chapter B ROM Monitor Debug Commands Debug Commands Most ROM monitor debugging commands are functional only when Cisco IOS software has crashed or stopped. If you enter a debugging command and Cisco IOS crash information is not available, you see the following error message: "xxx: kernel context state is invalid, can not proceed." The following are ROM monitor debugging commands: • stack or k—Produce a stack trace.
Chapter B ROM Monitor Debug Commands • frame—Display an individual stack frame. • sysret—Display return information from the last booted system image. This information includes the reason for terminating the image, a stack dump of up to eight frames, and, if an exception is involved, the address where the exception occurred.
Chapter B ROM Monitor Debug Commands Cisco 1700 Series Router Software Configuration Guide B-14 78-5407-03
INDEX security 8-4 A verification 8-7 access-group command 2-6 troubleshooting 8-16 access-list commands 2-6, 5-10, 7-48 async mode dedicated command 8-5 access lists async mode interactive command 8-14 configuration 2-6 configuring 5-10, 5-25, 5-46, 7-27, 7-48 examples 2-7 B accounting, Quality of Service (QoS) A-13 backup delay command 7-23 addressing, in VLANs A-14 backup interface command 7-23 asynchronous connections boot in ROM monitor mode B-2 assumptions 8-1 bridging domain A-12 d
Index command modes dialer rotary-group 5-43 Cisco IOS 1-2 dialer string 7-25 summary (table) 1-4 dir B-4 commands enable password 1-7, 5-5, 6-4, 7-4, 8-4, 9-4 access-group 2-6 enable secret 1-7 access-list 2-6, 5-10, 7-48 encapsulation 5-8, 7-5, 8-6, 9-5 async mode dedicated 8-5 encapsulation dot1q 4-8 async mode interactive 8-14 end 5-16, 6-6, 7-11, 8-10, 9-20 backup delay 7-23 exec-timeout 5-16, 6-6, 7-10, 8-10, 9-9 backup interface 7-23 exit 5-6, 6-4, 7-4, 8-5, 9-4 chat-script 8-4
Index ipx watchdog-spoof 5-7, 7-46 router rip 6-5 isdn leased-line 5-34 service-module 56k clock source 7-14 isdn switch-type 5-4, 7-21, 9-12 service-module 56k network type 7-14 isdn x25 dchannel 9-24 service password-encryption 8-13 isdn x25 static-tei 9-24 service timestamps debug datetime msec 5-3, line console 5-16, 6-6, 7-10, 8-10, 9-9 line vty 5-16, 6-6, 7-10, 8-10, 9-9 login 5-16, 6-6, 7-11, 8-10, 9-9 meminfo B-13 multilink virtual-template 5-34 network 5-45, 6-5, 7-10 no auto-summary 6-5
Index commands, abbreviating 1-9 lapb 9-29 common error messages 1-9 modem 8-16 configuration register B-8 ppp authentication 5-17, 7-29 configure terminal command 5-3, 6-3, 7-3, 8-3, 9-3 ppp multilink events 5-17, 7-29 configuring the router, saving your configuration 1-10 ppp negotiation 5-17, 7-28, 8-16 ROM monitor B-12 console download B-10 turning off 1-11 context command B-12 using in a Telnet session 1-11 conventions xv when to use 1-11 crypto commands 2-2 crypto engine accelerator c
Index dialer-list command 5-10, 7-27, 9-16 F dialer load-threshold command 5-8 dialer map command 5-7, 8-10, 9-16 firewall configuration 2-5 dialer pool command 7-37 firewalls dialer pool-member command 7-36 and access lists 2-6 to 2-8 dialer remote-name command 7-37 and inspection rules 2-8 dialer rotary-group command 5-43 frame command B-13 dialer string command 7-25 Frame Relay dir command B-4 internal DSU/CSU assumptions 7-11 domain bridging A-12 command-line access to the router 7-18
Index security 7-21 standard configuration 7-1 to 7-10 troubleshooting 7-28 command-line access to the router 7-10 verification 7-28 EIGRP routing 7-10 ISDN backup with dialer profiles Ethernet interface 7-4 assumptions 7-29 global parameters 7-3 command-line access to the router 7-39 network diagram 7-3 EIGRP routing 7-39 security 7-4 Ethernet interface 7-33 serial interface 7-5 ISDN interface 7-36 subinterface 7-6 security 7-32 verification 7-5, 7-7 serial interface 7-33 frame-relay
Index ip mroute cache command 7-33 EIGRP routing 5-45 ip route command 5-10, 7-48 ISDN interfaces 5-43 IPSec configuration 2-1 security 5-41 ip subnet-zero command 6-3 static routes 5-46 ip unnumbered command 5-7, 6-5, 7-24, 8-14 dial-in pool configuration 5-39 to 5-46 ipx delay command 7-46 dial-up ipx network command 4-5, 5-5, 6-4, 7-4, 8-5, 9-4 command-line access to the router 5-16 ipx route command 7-48 Fast Ethernet interface 5-5 ipx routing command 4-4, 5-4, 6-3, 7-3, 8-4, 9-3 globa
Index isdn switch-type command 5-4, 7-21, 9-12 N isdn x25 dchannel command 9-24 isdn x25 static-tei command 9-24 NAT configuration 3-3 configuration example 3-4 L overview A-10 Network Address Translation LAN A-12 See NAT segmentation A-12 with VLANs A-14 Layer 2, encapsulating interfaces A-14 network command 6-5, 7-10 network diagram asynchronous connections leased line configuration 6-3 to 6-6 dial-in pool 8-11 configuration assumptions 6-1 dial-up 5-40, 6-2, 8-3, 8-11 Frame Relay Fast Ethe
Index no auto-summary command 6-5 ppp multilink command 5-8, 7-25 no cdp enable command 8-14 prompts for command modes (table) 1-4 no crypto engine accelerator command 2-3 no fair-queue command 5-43, 7-47 no ip address command 5-35, 7-14 R no ip domain-lookup command 6-3 redundancy in VLANs A-14 no ip route-cache command 7-33 reset command B-4 no ipx route-cache command 5-7 resources, sharing between VLANs A-14 no shutdown command 5-6, 6-4, 7-4, 8-5, 9-4 ROM monitor note, definition xv comma
Index routers, in switched VLANs A-14 show ppp multilink command 5-13 routing between VLANs A-14 show service module command 7-16 show vlans command 4-8 show x25 map command 9-8 S show x25 vc command 9-8 saving your configuration 1-10 snapshot client command 7-7, 8-6, 9-15 Security, IP software conventions xv See IPSec terminal emulation 1-2 security, VLANs A-13 segmentation A-12 description A-12 stack command B-12 sysret command B-13 with VLANs A-14 service-module 56k clock source command 7-
Index ISDN network dialer profiles 5-29 management A-13 dial-up 5-16 performance A-13 leased line 5-38 redundancy in A-14 leased line 6-7 routers in A-14 X.
Index security 9-14 verification 9-13, 9-16 over ISDN D channel assumptions 9-20 configuration 9-20 to 9-28 network diagram 9-20 standard configuration assumptions 9-1 command line access to the router 9-9 description 9-2 to 9-9 network diagram 9-2 troubleshooting 9-29 verification 9-5 X.
