Cisco AS5800 Operations, Administration, Maintenance, and Provisioning Guide Corporate Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
CONTENTS

Preface
Document Objectives
Audience
Document Organization
Document Conventions
Safety Warnings
Related Documentation
For More Information
Obtaining Documentation
World Wide Web
Documentation CD-ROM
Ordering Documentation
Documentation Feedback
Obtaining Technical Assistance
Cisco.

Saving Configurations
Undoing a Command
Basic Cisco AS5800 Start Up
Cisco AS5800 First-Time Boot
Cisco AS5800 Boot Process
Dial-Shelf Booting
Using the Setup Script
Running the Setup Script
Passwords
Setup-Script Initial Configuration
Deployment and Operation Strategy

CHAPTER 2 Commissioning
Commissioning the Cisco AS5800 Hardware
Understanding the Basic Hardware Architecture
Cisco 7206 Router Shelf and Cis

Task 8. Confirming the Final Running Configuration

CHAPTER 3 Operations
Verifying Modem Performance
Background on Asynchronous Data Communications
Understanding Modem Modulation Standards
Initiating a Modem Loopback Test Call
Initiating and Inspecting a V.

CHAPTER 5 Maintenance
Replacement Procedures
Powering Off the Access Server
Replacing a DC Power Entry Module
Replacing a Filter Module
Replacing an AC-Input Power Supply
Replacing a Dial-Shelf Controller Card
Replacing a Flash Memory Card
Replacing the Blower Assembly
Replacing a Dial-Shelf Interconnect Port Adapter
Replacing the Backplane Module
Troubleshooting
AS5800 Router Shelf
AS5800 Dial Shelf
Feature Cards
Genera

Obtaining a New Cisco IOS Version
Backing Up Your AS5800 Configuration
Installing New IOS Software
Modem Upgrading Modem Upgrades
Debugging a Modem
Upgrading Modem Firmware
Modem Operation at Bootup
Split Dial Shelves
Split-Dial-Shelf Configuration
Changing to Split Mode
Leaving Split Mode
Potential Split-Dial-Shelf Problems
Split-Dial-Shelf Show Commands
Managing a Split Dial Shelf
Configuring Split-Di

Dial Interface
IP Address Pools
Virtual Template
SGBP
VPDN
SNMP
Virtual Profiles
Multilink Virtual Template
V.
Preface

This section discusses the following:
• Document Objectives
• Audience
• Document Organization
• Document Conventions
• Related Documentation
• Obtaining Documentation
• Obtaining Technical Assistance

Document Objectives

This document serves as a software installation and configuration guide describing detailed configuration management alternatives for the Cisco AS5800 universal access server.
This guide is intended primarily for the following audiences:
• Customers with technical networking background and experience
• Customers who support dial-in users
• System administrators who are familiar with the fundamentals of router-based internetworking, but who may not be familiar with Cisco IOS software
• System administrators who are responsible for installing and configuring internetworking equipment, and who are familiar with Cisco IOS software

Document Organ
Note: Means reader take note. Notes contain helpful suggestions or references to materials not contained in this manual.

Caution: Means reader be careful. In this situation, you might do something that could result in equipment damage or loss of data.

Timesaver: Means the action described saves time. You can save time by performing the action described in the paragraph.

Tips: Means the following information will help you solve a problem.
Warning: This warning symbol means danger. You are in a situation that could lead to bodily injury. Before you begin working on any equipment, be aware of the hazards associated with electrical circuits and of the standard practices for preventing accidents.
Note: An asynchronous card needs to be installed in the Cisco 3640 to use it as a remote console server.

The Cisco AS5800 and the Cisco 3640 system controller network management system are available to help you manage your dial POP site efficiently and effectively. Each of these products is supported by documentation available on the Cisco.com website.

Timesaver: Verify that you have access to the documents listed in Table 1.

Table 1
For More Information

The Cisco IOS software running your Cisco AS5800 includes extensive features and functionality. For information about configuring Cisco AS5800, use the following resources:
• For Cisco AS5800 universal access server hardware installation and maintenance information, refer to the Cisco AS5800 Access Server Hardware Installation Guide, available online at http://www.cisco.com/univercd/cc/td/doc/product/access/acs_serv/as5800/hw_inst/index.htm.
Ordering Documentation

Cisco documentation is available in the following ways:
• Registered Cisco Direct Customers can order Cisco product documentation from the Networking Products MarketPlace at http://www.cisco.com/cgi-bin/order/order_root.pl
• Registered Cisco.com users can order the Documentation CD-ROM through the online Subscription Store at http://www.cisco.
Preface Obtaining Technical Assistance Customers and partners can self-register on Cisco.com to obtain additional personalized information and services. Registered users can order products, check on the status of an order, access technical support, and view benefits specific to their relationships with Cisco. To access Cisco.com, go to the following website: http://www.cisco.
Documentation Feedback

If you are reading Cisco product documentation on the World Wide Web, you can submit technical comments electronically. Click Feedback in the toolbar and select Documentation. After you complete the form, click Submit to send it to Cisco. You can e-mail your comments to bug-doc@cisco.com. To submit your comments by mail, for your convenience many documents contain a response card behind the front cover.
Preface Obtaining Technical Assistance Cisco AS5800 Operations, Administration, Maintenance, and Provisioning Guide xviii DOC-7810814=
CHAPTER 1

Introduction

The Cisco AS5800 universal access server is the latest entry into Cisco’s award-winning AS5x00 series of universal access servers, and provides the highest concentration of modem and integrated services digital network (ISDN) terminations available in a single remote access concentrator product.
Chapter 1 Introduction Cisco AS5800 Functional Profile In addition to the system controller, a network management system (CiscoWorks) with a graphical user interface (GUI) runs on a UNIX SPARC station and includes a database management system, polling engine, trap management, and map integration. The dial shelf contains ingress interfaces (CT1/CE1/PRI) that terminate ISDN and modem calls, and break out individual calls (DS0s) from the appropriate telco services.
Cisco AS5800 Hardware Review

The Cisco AS5800 consists of two primary system components, the Cisco 5814 dial shelf (DS) and the Cisco 7206 router shelf (RS). For detailed Cisco 7206 router-shelf hardware specifications and functionality, refer to the following documents:
• Cisco 7200 VXR Installation and Configuration Guide, available online at http://www.cisco.
Chapter 1 Introduction Cisco AS5800 Hardware Review Note A virtual console can be opened from the RS to any feature card (including the DSC). System Architecture The Cisco AS5800 system architecture consists of backplane bus connections that provide communications between the dial shelf and the host router shelf, monitor system environment conditions, and transmit clock/frame pulses to feature/DS controller cards.
Chapter 1 Introduction Network Topology and Equipment Selection Network Topology and Equipment Selection Figure 1-1 shows the topology devices used to build dialup access environments.
Configuration Design Parameters

Before Cisco AS5800 equipment is deployed at your site, define the following configuration design parameters:
• IP subnetting and address strategy
• Device parameters
• Network dial plan

[Figure 1-2 IP Subnetting Diagram: Hq-access 172.22.66.0/26; NAS loopbacks 172.22.90.0/24 and 172.22.99.0/24; PSTN, clients, modems, IP intranet, Internet firewall, Internet]

Note: Uses private RFC 1918 IP addresses.
4. NAS loopback 0 (172.22.99.0/24)
   – Identifies the NAS with a unique and stable IP address. One unique IP address from a common block of addresses is assigned to each device in the IP network. This technique makes security filtering easy for the network operations center (NOC).
   – One class C subnet used for device identification can support 254 distinct devices with unique loopback addresses.
5. NAS loopback 1 (172.22.90.
Dial Plan

The following list describes dial plan setup considerations.
1. PRI telephone numbers assigned to the T1 trunks. One number is used for testing new modem firmware and the other for isolating debugs for specific users.
   – 4085551234
   – 4085556789
2. ISDN PRI switch type
   – 5ESS
3.
Chapter 1 Introduction Cisco IOS Software Fundamentals Command Modes When using the CLI, a command interpreter, called EXEC, is employed by the operating system to translate any command and execute its operation. This command interpreter has two access modes, user and privileged, which provide security to the respective command levels. Each command mode restricts you to a subset of mode-specific commands. User mode provides restricted access and limits router configuration or troubleshooting.
Table 1-1 Common Command Modes (continued)

Command Mode: Interface configuration
Prompt: 5800-1(config-if)#
Access Method: Enter the interface type and number command, such as interface ethernet 0/0/0.
Escape Method: Use the exit command to escape to global configuration mode. Use the end (Ctrl-Z) command to escape directly to privileged EXEC mode.
Saving Configurations

To prevent losing the Cisco AS5800 configuration, save it to NVRAM using the following steps.

Step 1 Enter the enable command and password. You are in privileged EXEC mode when the prompt changes to 5800-1#.

5800-1> enable
Password: password
5800-1#

Note: Press Ctrl-Z to return to privileged EXEC mode. Any subsequent system response message is normal and does not indicate an error.

Step 2
[Figure 1-3 Cisco 7206 Router-Shelf Console Port: port adapter lever, dial shelf interconnect port adapter, port adapters]
[Figure 1-4 Cisco AS5800 Universal Access Server—Front View: router shelf]
[Figure 1-5 Cisco AS5800 Universal Access Server—Rear View: power switches (to boot system), router shelf, double ground lug, dial shelf PEMs, filter module, AC-input power shelf (optional); safety cover not shown]
Cisco AS5800 First-Time Boot

When you power ON your Cisco AS5800, it goes through the following boot sequence:
1. A power-on self-test diagnostics program verifies basic operation of the CPU, memory, and interfaces.
2. The system bootstrap software executes and searches for a valid Cisco IOS software image. The Cisco IOS software source image is determined by the configuration register setting.
Using the Setup Script

The setup script is designed to provide you with the minimum requirements needed to get your router running. The setup script enables your system controller to “talk” to the network. You can then configure your system using command-line interface (CLI) commands, or by downloading a predetermined site configuration file.
Passwords

Several passwords are used when configuring your Cisco IOS software. Passwords are used to identify user authorization and permission rights, virtual terminal configuration, and network management software initialization. Most passwords can use the same notation. You need the following types of passwords when configuring Cisco IOS software:
• Enable password—A nonencrypted and, therefore, less secure password.
Chapter 1 Introduction Using the Setup Script Note The messages vary, depending on the Cisco IOS software release and feature set you selected. The screen displays in this section are for reference only and might not exactly reflect the messages on your console. System Bootstrap, Version 12.x(19990210:195103) [12.0XE 105], Copyright (c) 19xx-20xx by cisco Systems, Inc.
Press RETURN to get started!

The system then asks if you would like to enter the system configuration dialog. Answer yes and configure your software using the system configuration dialog.

Note: If you make a mistake, you can exit and run the system configuration dialog again. Press Ctrl-c, and type setup at the enable mode prompt (5800#).

Step 1 Enter yes at the following prompt if you are ready to continue with the system configuration dialog.
Step 8 If you plan to use a system controller network management system through which you can administer your Cisco AS5800, enter yes at the following prompt, then substitute your own IP address and system controller password when prompted.

Configure System Management? [yes/no]: yes
System Controller IP address: 10.10.1.
After you enter the interface used to connect to the management network, the system software will automatically display the command script that was just created.

The following configuration command script was created:

hostname 5800-1
enable secret 5 $1$g74v$J87e3eDZdh0wWIR7m4ELy/
enable password shhhh
line vty 0 4
password alwaysup
syscon address 10.10.1.
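An added example, not part of the Cisco guide: a Python audit of an IOS configuration for the weak password storage described under Passwords and visible in the setup-script output above, where a cleartext enable password and VTY line password sit next to a type 5 enable secret. The function names, the stored-config layout of the sample, and the `line con 0` entry with its type 7 placeholder are assumptions made for illustration.

```python
import re
from collections import namedtuple

# Constructed sample in stored-config layout. Hostname, enable secret, enable
# password and the vty password reuse the sample values printed by the setup
# script; the "line con 0" entry and its type 7 string are constructed.
SAMPLE_CONFIG = """\
hostname 5800-1
enable secret 5 $1$g74v$J87e3eDZdh0wWIR7m4ELy/
enable password shhhh
line con 0
 password 7 CONSTRUCTEDPLACEHOLDER
line vty 0 4
 password alwaysup
"""

# A finding never carries the credential value itself, only where it was seen.
Finding = namedtuple("Finding", "lineno item storage weak")

# [enable | username NAME [privilege N]] password|secret [level N] [TYPE] VALUE
CRED_RE = re.compile(
    r"^(?:(?P<enable>enable)\s+"
    r"|username\s+(?P<user>\S+)\s+(?:privilege\s+\d+\s+)?)?"
    r"(?P<kw>password|secret)\s+(?:level\s+\d+\s+)?"
    r"(?:(?P<type>\d+)\s+)?(?P<value>.+)$"
)


def classify(cred_type):
    """Map the IOS encoding-type digit to (description, is_weak)."""
    if cred_type in (None, "0"):
        return "cleartext", True
    if cred_type == "7":
        return "type 7, reversible obfuscation", True
    if cred_type == "5":
        return "type 5, salted MD5 hash", False
    return "type " + cred_type, False


def audit(config_text):
    """Return one Finding per credential statement in the configuration."""
    findings = []
    context = "global"  # most recent top-level command, e.g. "line vty 0 4"
    for lineno, raw in enumerate(config_text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        if line.startswith("!"):  # "!" separates configuration sections
            context = "global"
            continue
        m = CRED_RE.match(line)
        if m is None:
            if not raw[0].isspace():
                context = line
            continue
        if m["enable"]:
            item = "enable " + m["kw"]
        elif m["user"]:
            item = "username %s %s" % (m["user"], m["kw"])
        elif context.startswith("line "):
            # Covers both the indented stored form and the flat setup-script form.
            item = "%s: %s" % (context, m["kw"])
        else:
            continue  # a bare "password ..." outside a line section is not a login secret
        storage, weak = classify(m["type"])
        findings.append(Finding(lineno, item, storage, weak))
    return findings


def shadowed_enable_password(findings):
    """True when both are set: the enable secret takes precedence, so the
    weaker enable password only adds exposure to the stored configuration."""
    items = {f.item for f in findings}
    return "enable secret" in items and "enable password" in items


if __name__ == "__main__":
    results = audit(SAMPLE_CONFIG)
    for f in results:
        flag = "WEAK" if f.weak else "ok"
        print("line %d: %-24s %-32s %s" % (f.lineno, f.item, f.storage, flag))
    if shadowed_enable_password(results):
        print("enable password is redundant next to enable secret; remove it")
```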
Chapter 1 Introduction Deployment and Operation Strategy Deployment and Operation Strategy The following steps describe and suggest a recommended deployment and operation task strategy for the Cisco AS5800 that serves as a functional task flow for this Guide.
• Line signaling
• D-channels (ISDN)
• AAA
• Modem pools
• TTY line
• Async interface
• Dial interface
• IP address pools
• Virtual template
• SGBP
• VPDN
• SNMP
• Virtual profiles
• Multilink virtual templates
• V.
CHAPTER 2

Commissioning

Whether you are a corporate end user or a competitive Internet service provider (ISP), you have purchased a Cisco AS5800 network access server (NAS) to provide dialup services that facilitate accessibility for remote or roaming personnel, or Internet admission to consumers for e-mail, e-commerce, and web browsing.
Understanding the Basic Hardware Architecture

To build an access network using the Cisco AS5800, it is necessary to understand:
• The Cisco 7206 router shelf
• The Cisco 5814 dial shelf
• Call-processing components

Cisco 7206 Router Shelf and Cisco 5814 Dial Shelf

The Cisco AS5800 access server contains:
• A Cisco 7206 router shelf (egress interface). It connects to the IP backbone.
Note: The Cisco IOS software uses a three-element notation to specify interface and port locations: shelf/slot/port.

• The Cisco 7206 router shelf contains the following:
   – Port adapters. In the example, the Cisco 7206 uses Fast Ethernet (FE) 0/1/0 to connect to the IP backbone.
   – A dial-shelf interconnect (DSI) port adapter. In the example, the adapter is located at 0/2/0.
[Figure 2-2 Cisco AS5800 Call-Processing Components, inside a Cisco network access server: IP network, routing and switching engine, group-async interface, dialer interface controlling the D channels, asynchronous interfaces, TTY lines, serial interface channels (S0:1, S0:2…), modems, TDM bus, T1 controllers, PRI lines, PSTN, POTS line, BRI line, client PC, client modem, ISDN router]
Chapter 2 Commissioning Task 1. Verifying Basic Setup Task 1.
• In the previous segment, the NAS decompresses the system boot image, tests the NVRAM for validity, and decompresses the Cisco IOS software image. Sometimes boot images do not support hardware cards. Sample error messages look like this:

%PA-2-UNDEFPA: Undefined Port Adapter
%OIR-3-SEATED: Insert/removal failed

Ignore these messages, but do not ignore error messages that appear after the Cisco IOS software image decompresses.
Chapter 2 Commissioning Task 1. Verifying Basic Setup The following system message and prompt appears. --- System Configuration Dialog --Would you like to enter the initial configuration dialog? [yes/no]: no • Because the NAS has never been configured, the Cisco IOS software cannot find a startup-config file. In this example, the Cisco IOS software is configured manually. The automatic setup script is not used.
Matching the Cisco IOS Software Images

The dial shelf and router shelf run separate Cisco IOS software images:
• Both images must be from the same Cisco IOS release. They must match. Cisco IOS Release 12.0(4)XL1 is used in this example.
• The router shelf’s image is in the Cisco 7206’s Flash memory. It begins with “c5800.” The dial shelf’s image is in the DSC card. It begins with “dsc.
Chapter 2 Commissioning Task 1. Verifying Basic Setup On the dial shelf, check the Cisco IOS software image, uptime, and restart reason. If you do not have a physical console connection to the dial shelf, enter the execute-on slot [12 | 13] show version command. The DSC can be in slot 12 or 13. 5800# execute-on slot 12 show version DA-Slot12> Cisco Internetwork Operating System Software IOS (tm) 5800 Software (C5800-DSC-M), Version 12.
• Each modem card contains its own DRAM memory. Double-density modem modules (DMM) require at least 64 MB of memory with Cisco IOS Release 12.0. Hex modem modules (HMM) require at least 32 MB with Cisco IOS Release 11.3. Each card performs its own call processing.
• A fully populated DMM card contains 144 modems. The dial shelf in the example contains 1296 modems.
• A normal CPU utilization range for modem cards is between 20 and 40 percent.
Chapter 2 Commissioning Task 1. Verifying Basic Setup The following messages appear on the console-terminal session after the DSC card is physically removed from slot 12 and re-inserted. Approximately 120 seconds elapse before all these messages appear.
Feature-Card Troubleshooting Tips

If the show dial-shelf command reports that feature cards are booting for extended periods of time, start debugging from the router shelf by using the following commands:

debug dsip transport
debug dsip trace
show dsi

• Debug dsip transport shows the registered MAC address sent from each feature board.
• Debug dsip trace displays detailed DSIP Hello and Keepalive messages.
Chapter 2 Commissioning Task 1. Verifying Basic Setup • Verify that each feature card’s MAC address is registered by DSIP. Unregistered cards cannot communicate with the system. Shelf 0 is the router shelf (master). Shelf 1 is the dial shelf (slave).
Chapter 2 Commissioning Task 1. Verifying Basic Setup Checking the Initial Running-Config The Cisco IOS software creates an initial running configuration. To familiarize yourself with default settings, inspect the software configuration as follows: Step 1 Display the configuration on the Cisco 7206 router shelf: 5800# show running-config Building configuration... Current configuration: ! version 12.
interface Group-Async0
 no ip address
 no ip directed-broadcast
 group-range 1/2/00 1/10/143
!
ip classless
no ip http server
!
!
line con 0
 transport input none
line aux 0
line vty 0 4
line 1/2/00 1/10/143
 modem InOut
 no modem log rs232
!
end

Step 2 Without connecting to the DSC, display the configuration on the Cisco 5814 dial shelf:

5800# execute-on slot 12 show running-config
DA-Slot12#
Building configuration...
Current configuration:
!
version 12.
Chapter 2 Commissioning Task 1. Verifying Basic Setup Exploring the Cisco IOS File System Familiarize yourself with the file system and memory storage areas. The Cisco IOS file system provides a consolidated interface to: • The Flash memory file system • The network file system (TFTP, rcp, and FTP) • Any other endpoint for reading or writing data (such as NVRAM, modem firmware, the running configuration, ROM, raw system memory, Xmodem, and Flash load helper log).
Chapter 2 Commissioning Task 1. Verifying Basic Setup Table 2-2 Memory Location Descriptions (continued) Component Description slot0: flash: slot1: PCMCIA Flash memory cards in the router shelf. They store Cisco IOS software images, modem firmware/portware, and custom web pages. bootflash: Flash memory on the Cisco 7206’s motherboard. nvram: Nonvolatile configuration memory. dsc12-slot0: dsc12-slot1: PCMCIA Flash memory cards in the DSC card.
Chapter 2 Commissioning Task 1. Verifying Basic Setup • Inspect the Flash memory on the router and dial shelves. Both images must have matching Cisco IOS release number. In this example, both images are from Cisco IOS Release 12.0(4)XL1. As the chassis boots up, the images are copied, decompressed, and loaded into DRAM memory.
Chapter 2 Commissioning Task 1. Verifying Basic Setup • Inspect the NVRAM memory on the router and dial shelves. Three files are present: – The initial boot or startup-config. – The private-config is a secure file that supports encryption technologies. It is not user accessible. – The underlying-config is the version of the startup-config that is stored in NVRAM.
Table 2-3 describes the significant fields in the previous display:

Table 2-3 Show Memory Summary Output Field Descriptions

Processor: Processor memory. The Cisco IOS software image is initially read out of Flash memory, decompressed, and placed in main memory. Routing tables and call control blocks are also stored in main memory.
I/O: Packets are temporarily stored in I/O memory.

Step 2
Chapter 2 Commissioning Task 1. Verifying Basic Setup Verifying CPU Utilization High utilization causes network performance problems. Knowing when the router is running at over 50% utilization is critical because the router might start dropping packets if an unexpected traffic burst comes through or if OSPF gets recalculated. Fast switching reduces CPU utilization.
Task 2. Configuring Basic Cisco IOS Software

Apply a basic-running configuration to the NAS:
• Configuring the Host Name, Enable Secret Password, and Time Stamps
• Configuring Local AAA Security
• Setting Up a Log In Banner
• Configuring Basic IP

Tips: Periodically save the configuration by using the copy running-config startup-config command.
Configuring Local AAA Security

Configure AAA to perform login authentication by using the local username database. The login keyword authenticates EXEC shell users. Additionally, configure PPP authentication to use the local database if the session was not already authenticated by login. AAA is the Cisco IOS software security model used on all Cisco devices.
Step 3 Log in with your username and password:

5800-NAS# login
User Access Verification
Username:admin
Password:
5800-NAS#

A successful login means that your local username works on any TTY or VTY line. Do not disconnect your session until you can log in.

Setting Up a Log In Banner

Create a login banner. However, do not tell users what device they are connecting to until after they log in.
Configuring Basic IP

To configure a basic dial access service:
• Configure two loopback interfaces.
• Bring up one Fast Ethernet interface.
• Add an IP route to the default gateway.

Follow this procedure:

Step 1 Assign the IP addresses, and create an IP route to the default gateway.

!
interface Loopback0
 ip address 172.22.99.1 255.255.255.255
!
interface Loopback1
 ip address 172.22.90.1 255.255.255.
Chapter 2 Commissioning Task 3. Enabling the T3/T1 Controllers Task 3. Enabling the T3/T1 Controllers Configure the settings for the T3/T1 controllers. They must match the telco’s settings on the telephone switch. Mismatched settings cause problems; sometimes these problems are not detected for a long time. Figure 2-4 displays the logical controller components inside a Cisco AS5800. The figure shows that a T3 trunk card requires T1 and T3 controller configuration settings.
Step 2 Configure the T3 controller. There are 28 T1 controllers in one T3. In this example, only the fourth controller is configured. The t1 4 controller command automatically creates the logical controllers controller t1 1/0/0:4. The number of logical T1 controllers should match the number of T1 PRI lines coming into your T3.
Table 2-6 describes some of the T3 and T1-controller concepts that are applied in the previous steps.

Table 2-6 Controller Terms and Descriptions

Framing type: Defines the control bits and data bits.
For T3s, Cisco supports:
• M23—M23 multiplexer framing (default)
• C-bit—C-bit parity framing
For T1s, Cisco supports:
• ESF—Extended super frame. Required for 64 KB operation on DS0s.

Line code type

Clock source
Chapter 2 Commissioning Task 3. Enabling the T3/T1 Controllers Step 4 Verify that the controllers are up and no alarms or errors are detected. Error counters are recorded over a 24-hour period in 15-minute intervals. In the display output, focus on the data in the current interval. 5800-NAS# show controller t3 T3 1/0/0 is up. Applique type is Channelized T3 No alarms detected.
From the reference point of the NAS, Table 2-7 provides a list of T1 alarm conditions and descriptions.

Table 2-7 Alarm Conditions

CRC Errors: Occur only in ESF format when a CRC bit has an error.
Excessive CRC Error Indication (ECRCEI): Reported in ESF format when 32 of any 33 consecutive CRCs are in error.
Out of Frame (OOF): Occurs when the framing pattern for a T1 line has been lost, and data cannot be extracted.
Task 4. Configuring the Serial Interfaces

Configure the serial D channels to route incoming voice calls from the PSTN to the integrated modems. The behavior of the B channels is controlled by the D channel’s configuration instructions. The D channel is the signaling channel. Table 2-8 describes the relationship between T1 controllers and serial interfaces.
Chapter 2 Commissioning Task 4. Configuring the Serial Interfaces Step 2 Verify that ISDN is functioning properly, and the serial channels are up: • Check the ISDN status. Confirm that Layer 1 reports ACTIVE, and the display field MULTIPLE_FRAME_ESTABLISHED appears at Layer 2. For PRI lines, the terminal endpoint identifier (TEI) is always 0. The Layer 3 status reports no active calls.
[Figure 2-5 Sending a POTs Telephone Call to a NAS: standard POTS telephone, POTS, telephone switch, PRI, network gateway receiving analog call; ANI 444-1234, DNIS 555-1234]

Note: The debug ISDN q931 command (with logging console enabled) displays incoming call information on the monitor.

• In the called party number is the dial number identification service (DNIS).
Step 1 Configure modem control (DCD/DTR) for incoming and outgoing modem calls:

!
line 1/2/00 1/10/143
 modem InOut
!

Note: The no modem log rs232 command limits the size of the show modem log command’s output.

Step 2 Familiarize yourself with the modem-numbering scheme for the Cisco AS5800. Modems use the shelf/slot/port notation.
TTY line numbers map to specific slots. Each slot is hard coded with 144 TTY lines. In the example, the first modem card is in slot—that is, slot 0 and slot 1 do not contain modem cards.

5800-NAS# show modem 1/2/00
  Mdm     Typ    Status  Tx/Rx  G  Duration  RTS  CTS  DCD    DTR
  ---     ---    ------  -----  -  --------  ---  ---  ---    ---
  1/2/00  (n/a)  Idle    0/0    1  00:00:00  RTS  CTS  noDCD  DTR

Modem 1/2/00, Cisco MICA modem (Managed), Async1/2/00, TTY432
Firmware Rev: 2.6.2.
Table 2-10 describes the previous commands:

Table 2-10 Domain-Name Commands

ip domain-lookup: Enables IP domain-name lookups.
ip host aurora 172.22.100.9: Creates a local name-to-address map. This map is useful when the NAS is not entered in a DNS server.
ip domain-name the.doc: Tells the NAS how to qualify DNS look ups. In this example, the.doc is appended to the end of each name that is looked up.
[Figure 2-6 Test Environment: client PC, client modem, analog line, PSTN, PRI, network gateway, default gateway]

Step 2 From a terminal-emulation program, test the EIA/TIA-232 connection to the client modem. Enter the at command. The modem sends an OK return message.

at
OK

Step 3 Dial the PRI telephone number assigned to the NAS (5551234). After the modem successfully connects, a connect message appears.
Chapter 2 Commissioning Task 7. Testing Asynchronous EXEC Shell Connections Step 5 Determine upon which line the call landed. The following example shows that TTY line 436 accepted the call. The call has been up and active for 20 seconds.
Chapter 2 Commissioning

Task 8. Confirming the Final Running Configuration

After you complete the tasks in this section, the final running configuration looks like this:

5800-NAS# show running-config
Building configuration...
Current configuration:
!
version 12.
voice-port 1/0/0:4:D
!
!
process-max-time 200
!
interface Loopback0
 ip address 172.22.99.1 255.255.255.255
 no ip directed-broadcast
!
interface Loopback1
 ip address 172.22.90.1 255.255.255.0
 no ip directed-broadcast
!
interface FastEthernet0/1/0
 ip address 172.22.66.23 255.255.255.
CHAPTER 3 Operations

This chapter details Cisco AS5800 routine operations performed on a daily basis to configure router interfaces. In our discussion, local-based authentication is used. After the Cisco AS5800 hardware is commissioned, PPP is configured and tested as described in the section “Configuring PPP and Authentication” on page 25.

Verifying Modem Performance

This section describes how to verify and test modem performance on a Cisco AS5800 by using an EXEC terminal shell service.
Async DataComm Model

Figure 3-1 shows how traditional DTE-to-DCE relationships map to a Cisco network access server (NAS). Data terminal equipment (DTE) uses data communication equipment (DCE) to send data over the PSTN. In the context of EIA/TIA-232 and Cisco IOS software:
• The DTE is the client PC and the Cisco IOS TTY lines.
• The DCE is the client modem and the modem inside the NAS.
Figure 3-2 Modem Access Connectivity Path (diagram, inside a Cisco network access server; labels include IP network, asynchronous interfaces, packet-switched half, routing and switching engine, and packet interface)
EIA/TIA-232 in Cisco IOS Software

The Cisco IOS software variation of asynchronous EIA/TIA-232 is shown in Figure 3-3. The variation exists between the Cisco IOS line (DTE) and the NAS modem (DCE).
• Six EIA/TIA-232 pins exist between each NAS modem and Cisco IOS line. One or more grounding wires also exist on physical EIA/TIA-232 lines; however, these wires do not convey signaling.
• Each pin controls a different EIA/TIA-232 signal.
Table 3-1 EIA/TIA-232 Signal State Behavior

Signal | Signal Direction | Purpose
Transmit Data (TxD) | ——> (Output) | DTE transmits data to DCE.
Receive Data (RxD) | <—— (Input) | DCE transmits received data to DTE.
Request To Send (RTS) | ——> (Output) | DTE uses the RTS output signal to indicate if it can receive characters into the Rx input buffer [1]. The DCE should not send data to the DTE when DTR input is low (no RTS).
Chapter 3 Operations Verifying Modem Performance Cisco IOS Line-Side Inspection To display the current modem-hardware states applied to a specific Cisco IOS line, enter the show line tty number command. The states of each logical EIA/TIA-232 pin change according to line conditions and modem events.
Chapter 3 Operations Verifying Modem Performance Table 3-2 describes some of the significant fields shown in the previous example: Table 3-2 Show TTY Line Field Descriptions Field Description Capabilities Describes different aspects of the line: • The flowcontrol hardware command displays as “Hardware Flowcontrol In, Hardware Flowcontrol Out.” • The modem inout command displays as “modem callout.
To achieve 33600 bps, the channel must deliver:
• A response from 244 to 3674 Hz
• An SNR of 38 dB or better

In practice, toll-quality voiceband circuits support V.34 at speeds of 21600 to 33600 bps. The following six items reduce the achieved V.34 speed:
1. Robbed-bit signaling links in the circuit, which reduce SNR.
2. Extra analog-to-digital conversions.
Table 3-3 V.90 Supported Cisco IOS Releases

Chassis | Modem Type | Cisco IOS Release
Cisco AS5800 | MICA | 11.3(6+)AA, 12.0(1+)T

Exactly one digital-to-analog conversion must exist in the circuit. The digital line must connect into a digital switch, not a channel bank. V.90 requires PRI (64k clear-channel DS0s). Channel banks destroy V.90 by adding additional analog-to-digital conversions. Telcos occasionally refer to channel banks as line-side services.
Figure 3-6 Initiating and Terminating a Modem Call on the Same NAS (diagram labels: Modem A transmit, Modem B receive, Call path, Digital switch, PSTN, NAS)

Note When calling between two digital modems, you will not achieve V.90. V.90 requires one digital and one analog modem.

Step 1 From a workstation, open two Telnet sessions into the NAS. One Telnet session is used to simulate the client. The other session is used to administer and run the debugs.
Chapter 3 Operations Verifying Modem Performance Tips For channel associated signaling (CAS), robbed bit signaling (RBS), and R2, use the debug cas command. If this command is not included in your software, use the modem-mgmt csm debug-rbs command; however, the service internal command is required.
Step 6 Log in from the client Telnet session. The Cisco IOS software sends out a username-password prompt.

This is a secured device. Unauthorized use is prohibited by law.

User Access Verification

Username:admin
Password:

Sep 23 05:04:58.047:
Sep 23 05:04:58.051:
Sep 23 05:04:58.051:
Sep 23 05:05:03.

Step 7
Chapter 3 Operations Verifying Modem Performance Note You must have the logging console feature turned on to view this output on the screen. The bearer capability 0x8090A2 indicates an analog voice call. Alternative bearer services include 64K data calls, which are indicated by 0x8890. The calling party number is 408 (also known as ANI). The called party number is 5551234 (also known as DNIS). The debug q931 command shows the call coming into the NAS over ISDN. *Jan 1 00:34:47.
Inspect the different modem trainup phases. The modem goes from Connect to Steady State in 15 seconds. The debug modem csm command displays the trainup phases. The debug modem command displays the logical EIA/TIA-232 transition message “DSR came up.”

*Jan 1 00:35:04.759:TTY3:EXEC creation
*Jan 1 00:35:04.759:TTY3:set timer type 10, 30 seconds
*Jan 1 00:35:08.915:TTY3:Autoselect(2) sample 61 <------------------
*Jan 1 00:35:09.
Chapter 3 Operations Verifying Modem Performance Step 11 Generate traffic across the modem link. Force the answering modem (in the NAS) to send a data stream to the client modem. The data stream generated by the show modem log command is about 1 MB. The data should scroll freely for one or two minutes. 5800-NAS> show modem log doc-rtr58-01#sh modem log Modem 1/2/00 Events Log: 3w2d :Startup event:MICA Hex modem (Managed) Modem firmware = 0.7.3.
Parameter #22 Receive Level: -12 dBm
Parameter #23 Frequency Offset: 0 Hz
Parameter #24 Phase Jitter Frequency: 0 Hz
Parameter #25 Phase Jitter Level: 0 degrees
Parameter #26 Far End Echo Level: -52 dBm
Parameter #27 Phase Roll: 31 degrees
Parameter #28 Round Trip Delay: 1 msecs
Parameter #30 Characters transmitted, received: 70966, 80
Parameter #32 Characters received BAD: 2
Parameter #33 PPP/SLIP packets transmitted, received: 0, 0
Parameter #35 PPP/SLIP
Chapter 3 Operations Verifying Modem Performance Table 3-4 Operational Parameter Descriptions for a Loopback Test Call (continued) Parameter Description Parameter #26 Far End Echo Level: -52 dBm Use this field to detect a near-end digital-to-analog conversion. For this test, an acceptable value is less than -55 dB. If you see a high level of far end echo (-55 or higher), a digital-to-analog conversion probably exists between the NAS and the switch. This conversion severely impairs modem performance.
Chapter 3 Operations Verifying Modem Performance Step 3 Verify that the modem is running the recommended firmware version. The following example shows a U.S. Robotics 56K fax external modem running V.4.11.2. Compare the firmware version with the version that is posted on the modem vendor’s website. The ati3 and ati7 modem firmware commands are commonly used and are shown below: ati3 U.S. Robotics 56K FAX EXT V4.11.2 OK ati7 Configuration Profile...
Chapter 3 Operations Verifying Modem Performance Step 5 Dial the access server’s telephone number, log in, and access the EXEC shell. The client modem is connected at 48000 bps in this example. atdt14085551234 CONNECT 48000/ARQ This is a secured device. Unauthorized use is prohibited by law. User Access Verification Username:user Password: 5800-NAS> Step 6 Inspect your call on the access server. In the example, the call landed on TTY line 1. The call has been up for 36 seconds.
Chapter 3 Operations Verifying Modem Performance Modem type is unknown. Session limit is not set. Time since activation: 00:12:24 Editing is enabled. History is enabled, history size is 10. DNS resolution in show commands is enabled Full user help is disabled Allowed transports are lat pad v120 telnet rlogin dsipcon. No output characters are padded No special data dispatching characters Step 8 Preferred is lat.
Parameter #26 Far End Echo Level: -37 dBm
Parameter #27 Phase Roll: 0 degrees
Parameter #28 Round Trip Delay: 23 msecs
Parameter #30 Characters transmitted, received: 67109, 43
Parameter #32 Characters received BAD: 0
Parameter #33 PPP/SLIP packets transmitted, received: 0, 0
Parameter #35 PPP/SLIP packets received (BAD/ABORTED): 0
Parameter #36 EC packets transmitted, received OK: 565, 43
Parameter #38 EC packets (Received BAD/ABORTED): 2
Parameter #39 Rob
Table 3-5 Show Modem Operational-Status Field Descriptions (continued)

Parameter | Description
Parameter 30 Characters transmitted, received: 67109, 43 | 67109 characters are transmitted by the NAS modem to the client modem over the synchronous/asynchronous connection.
Line shape: | [line-shape plot not reproduced]
Chapter 3 Operations Verifying Modem Performance Step 12 Enter the ati6 command to display, among other things, the receive and transmit-carrier speeds. Compare the displayed information with the output from the show modem operational-status command. If ati6 is not supported by your modem, try at&v1. For additional client report statistics, enable Windows modemlog.txt or ppplog.txt files. ati6 U.S. Robotics 56K FAX EXT Link Diagnostics...
Chapter 3 Operations Verifying Modem Performance Step 13 Inspect frequency levels (dB) and other diagnostic functions. The following AT commands display the client modem’s view of the frequency response. The display is a companion to the output of the show modem operational-status command (see Step 9).
Chapter 3 Operations Configuring PPP and Authentication

Step 14 (Optional) To return to online mode and the router prompt, enter the ato command. After you enter this command, however, the +++ escape sequence is still in the EXEC session’s input buffer. If you press the carriage return (), you will receive an error about +++ being an unknown command. To clear the input buffer, type Ctrl U after the ato command.
Step 3 Log in with your username and password:

5800-NAS# login
This is a secured device. Unauthorized use is prohibited by law.

User Access Verification

Username: theuser
Password:
5800-NAS#

Caution A successful login means that your local username will work on any TTY or VTY line. Do not disconnect your session until you can log in. (If you get locked out, you will need to perform password recovery by rebooting the device.
Configuring LCP Options

The group-async interface is a template that controls the configuration of all the asynchronous interfaces in the NAS. Asynchronous interfaces:
• Are lines that can run in PPP mode
• Use the same numbers as their corresponding lines
• Save you time and configuration file size by configuring the asynchronous interfaces as a group-async

The client PPP framing must match the Cisco IOS interface. Figure 3-8 shows this concept.
Table 3-6 Interface Group Async Command Descriptions (continued)

Command | Purpose
peer default ip address pool addr-pool | Assigns dial-in client IP addresses from the pool named addr-pool.
no cdp enable | Disables the Cisco Discovery Protocol.
no ip directed-broadcast | Prevents IP directed broadcasts.
Chapter 3 Operations Configuring PPP and Authentication Testing Asynchronous PPP Connections Before you troubleshoot PPP negotiation or AAA authentication, you need to understand what a successful PPP and AAA debug sequence looks like. In this way, you can save time and effort when comparing a successful debug session against a faulty completed debug sequence. Successful PPP Negotiation Debug The following steps describe how to initiate a PPP test call and interpret a successful debug sequence.
Chapter 3 Operations Configuring PPP and Authentication c. After authentication succeeds, check IPCP negotiation. d. If no debug output appears, troubleshoot ISDN Q.931. Use the debug isdn q931 command. Given the debug commands entered in Step 1, the following debug output should be generated by the call: *Sep 24 13:05:49.052: AAA: parse name=tty1/2/09 idb type=10 tty=441 *Sep 24 13:05:49.052: AAA: name=tty1/2/09 flags=0x1D type=4 shelf=0 slot=1 adapter=2 port=9 channel=0 *Sep 24 13:05:49.
Chapter 3 Operations Configuring PPP and Authentication Failed PPP Negotiation Debugging and Troubleshooting Failed authentication is a common occurrence. Misconfigured or mismatched user names and passwords create error messages in debug output. The following example shows that the username maddog does not have permission to dial into the NAS. The NAS does not have a local username configured for this user.
Figure 3-10 Troubleshooting Flow Chart for PPP and Authentication

User dials in.
1. Physical layer: Do the modems connect? If no, use debug modem, debug modem csm, and show modem log. If yes, continue.
2. LCP negotiation (LCP layer): Did it succeed? If no, use debug ppp error and debug ppp negotiation. If yes, continue.
3. Authentication negotiation: Did it succeed? If no, use debug ppp authentication and debug aaa authentication. If yes, continue.
4. NCP layer, network layer configuration (IPCP): Did it succeed? If no, use debug ppp negoti
LCP negotiation is a series of LCP packets exchanged between PPP peers to negotiate a set of options and option values when sending data. The LCP negotiation is actually two separate dialogs between two PPP peers (Peer 1 and Peer 2):

Peer 1 and Peer 2 do not have to use the same set of LCP options.
Chapter 3 Operations Configuring PPP and Authentication Inspecting Active Call States After a basic PPP modem call comes into the NAS, you should use some show commands to inspect several active call statistics. If you try to use the client’s web browser after the modems connect, you will test DNS, IP, and other functions. If your test fails, try pinging the DNS server from the device that dialed in.
Chapter 3 Operations Configuring PPP and Authentication 5800-NAS# show caller user theuser User: theuser, line tty 441, service Async Active time 00:01:24, Idle time 00:01:05 Timeouts: Absolute Idle Idle Session Exec Limits: 00:10:00 Disconnect in: TTY: Line 1/2/09, running PPP on As1/2/09 Location: PPP: 192.168.10.
Chapter 3 Operations Configuring PPP and Authentication Table 3-7 Show Caller User Command Descriptions (continued) Field Description PPP: LCP Open, CHAP (<- AAA), IPCP Superficial information about what is open in PPP. The field “(<- AAA)” is somewhat misleading. Local authentication is also from AAA. For more detailed IPCP information, enter the show caller user detail command. IP: Local 172.22.66.23, remote 172.22.90.2 The IP addresses on each end of the link.
Step 2 Inspect the IP settings of the interface. Notice that IP fast switching is disabled, because TCP/IP header compression is enabled. Turn off TCP/IP header compression to enable fast switching. Enter the no ip tcp header-compression command on the asynchronous interface.

5800-NAS# show ip int async 1/2/02
Async1/2/02 is up, line protocol is up
Interface is unnumbered. Using address of FastEthernet0/1/0 (172.22.66.23)
Broadcast address is 255.255.255.
Chapter 3 Operations Configuring PPP and Authentication Timesaver For more information on this command, refer to Cisco IOS Switching Commands, available online at http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/switch_r/ Confirming the Final Running Configuration After you complete the tasks in this section, the Cisco AS5800 final running configuration looks like the following example: 5800-NAS# show running-config Building configuration... Current configuration: ! version 12.
Chapter 3 Operations Configuring PPP and Authentication async-bootp dns-server 172.30.10.1 172.30.10.2 isdn switch-type primary-ni isdn voice-call-failure 0 ! ! controller T3 1/0/0 framing m23 cablelength 0 t1 4 controller ! controller T1 1/0/0:4 framing esf pri-group timeslots 1-24 ! ! voice-port 1/0/0:4:D ! ! process-max-time 200 ! interface Loopback0 ip address 172.22.99.1 255.255.255.255 no ip directed-broadcast ! interface Loopback1 ip address 172.22.90.1 255.255.255.
line vty 0 4
line 1/2/00 1/10/143
 autoselect during-login
 autoselect ppp
 modem InOut
 no modem log rs232
!
end

Modem Management Operations

This section describes how to manage the modems on a Cisco AS5800 by using the Cisco IOS software.
Chapter 3 Operations Modem Management Operations The following documents are related to modem management operations: • Cisco IOS Release 12.0 Dial Solutions Configuration Guide, chapter on managing modems, available online at http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/ • Cisco IOS Release 12.0 Dial Solutions Command Reference, dialer on dial-in port setup and, within that, on modem-management commands, available online at http://www.cisco.
Chapter 3 Operations Modem Management Operations Inspecting Modem Firmware Before you upgrade modem firmware for MICA or Microcom modems, you should perform the following tasks: Step 1 Determine the version of firmware that is currently loaded in each modem (for example, 2.6.2.0).
Chapter 3 Operations Modem Management Operations In the following example, two versions of firmware are found: mica_port_firmware and microcom_firmware. The file mica_board_firmware is not user upgradeable.
Chapter 3 Operations Modem Management Operations Upgrading Modem Firmware Cisco regularly enhances modem DSP code to improve modem performance. To obtain the latest DSP code, upgrade the NAS modem firmware. Figure 3-12 summarizes the firmware upgrade procedure. Figure 3-12 Modem Firmware Download Operation Example Internet CCO 1 Mica-modem-pw.x.x.x.x. (portware file) Legend TFTP server 2 1 Download the portware from CCO to a TFTP server or directly into the NAS. 2 Map the portware to the modems.
Chapter 3 Operations Modem Management Operations The following example uses the copy ftp command. The file mica-modem-pw.2.7.1.0.bin is copied from ftp.cisco.com to the bootFlash. Be sure to specify your own CCO username and password in the command line (as indicated in the example). 5800-NAS# ping ftp.cisco.com Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.31.7.
Chapter 3 Operations Modem Management Operations Depending on which Cisco IOS release is loaded in the NAS, there are two commands that you can use. Table 3-10 describes these two commands. Table 3-10 Modem Mapping Commands Cisco IOS Software Release Command Notes 12.0(5)T and later spe An SPE unit is defined as the smallest software downloadable unit. For Microcom, an SPE is an individual modem.
Note The SPE range 1/0 to 1/7 is mapped to firmware 2.7.1.0. However, SPE range 2/0 through 2/7 is still mapped to the firmware that is bundled with the Cisco IOS software.

!
spe 1/0 1/7
 firmware location flash:mica-modem-pw.2.7.1.0.bin
spe 2/0 2/7
 firmware location system:/ucode/mica_port_firmware
!

The following MICA example is for the copy source modem command. Unlike the spe command, the numbers 1/0-1/5 refer to specific modem numbers (slot/port).
Chapter 3 Operations Modem Management Operations Configuring Modems Using Modem Autoconfigure This section describes how to apply a new modem capability (modemcap) to an integrated modem. A modemcap is a database of setup strings that is used by the modem autoconfigure function to change a modem’s default settings. Modemcaps have many applications: • A modem’s default settings are not optimal. For example, a modem function that you want is not enabled by default.
Chapter 3 Operations Modem Management Operations Modem Autoconfigure K56Flex Example The following modem-autoconfigure string disables V.8bis/K56Flex. The string &F&D2s53=0 is applied to two MICA modems. Disabling V.8bis reduces trainup time by about two seconds, and it prevents trainup problems with older client modems.
Chapter 3 Operations Modem Management Operations Note If you detect low connection speeds across all the modems, you may have a faulty channelized T1/E1 or ISDN PRI line connection. Using the Cisco IOS EXEC (CLI) The Cisco IOS software command line interface (CLI) contains many modem management show commands. Use these commands to gather and view modem statistics. This section provides a bulleted list detailing some of the most useful commands.
Chapter 3 Operations Modem Management Operations Step 3 Display the disconnect reasons for the modems that trained up: 5800-NAS# show modem call-stats 0 dial-in/dial-out call statistics Mdm Total compress # % 237 retrain lostCarr userHgup rmtLink trainup hostDrop wdogTimr # % # % # % # % # % # % # % 916 413 124 9999 1064 8496 0 dial-out call statistics noCarr noDitone Mdm # % # % Total 1715 0 # 0 busy % abort dialStrg autoLgon dialTout # % # % # % # % 0 0 0 0 rmtHgup # % 0 Table 3-12 describes s
Chapter 3 Operations Modem Management Operations Step 4 Look at detailed disconnect reasons for individual modems: 5800-NAS# show modem call-stats dial-in/dial-out call statistics * * * * * * Step 5 Mdm 1/0 1/1 1/2 1/3 1/4 1/5 1/6 1/7 1/8 1/9 1/10 1/11 1/12 1/13 compress # % 5 2 8 3 3 1 4 1 1 0 2 0 4 1 6 2 5 2 3 1 1 0 2 0 7 2 6 2 retrain lostCarr userHgup rmtLink # % # % # % # % 23 2 7 1 2 1 971 2 18 1 12 2 6 4 949 2 14 1 8 1 2 1 954 2 19 2 9 2 1 0 927 2 20 2 10 2 2 1 961 2 19 2 10 2 4 3 893 1 20
Chapter 3 Operations Modem Management Operations Step 7 Examine the DS0 timeslots on each T1 that are used to carry the modem calls. The following example shows that the telco is distributing calls into this hunt group evenly across the T1s. There are a total of 29 (20+9) DS0s currently active. The high-water mark reports the highest number of DS0s that were in use at one time. However, be sure to inspect the entire dial pool. Entire T1s have been known to remain idle in some hunt groups.
17  pri  2104  6w0d
18  pri  1664  5w1d
19  pri  1395  3w6d
20  pri  1094  3w3d
21  pri  811   2w6d
22  pri  688   2w0d
23  pri  482   1w3d
Total DS0's Active High Water Mark: 46

Using Modem Call-Record Terse

Starting with Cisco IOS Releases 11.3AA and 12.0T, modem call records can be sent to syslog and examined to perform statistical analysis. For example, you can monitor:
• Modulation trends such as V.90 versus V.
Figure 3-13 Graphed Modem-Connect Speeds for One Month (graph; y-axis: total number of connections; x-axis: transmit connect speeds in bps)
CHAPTER 4 Administration

This chapter describes management protocols and Network Access Server (NAS) security and control functionality with AAA and RADIUS servers.
Chapter 4 Administration Enabling Management Protocols: NTP, SNMP, and Syslog

Table 4-1 RMON Groups

RMON Group | Description
Alarm | Periodic statistical sampling from event generated variables in the probe that compares configured thresholds.
Events | Controls the generation and notification of events from this device.
Filters | Enables packet matching by equation filtering to form data streams that may be captured or generate events.
Figure 4-1 NTP, SNMP, and Syslog Interactions (diagram labels: NTP synchronization, SNMP, Syslog, Element manager, Cisco IOS)

Table 4-2 provides the RFCs and URLs for the management protocols described in this section.

Table 4-2 Management Protocol RFCs

Management Protocol | RFC | URL
NTP | RFC 1305 | http://www.ietf.org/rfc/rfc1305.txt
SNMP | RFC 1157 | http://www.ietf.org/rfc/rfc1157.
An NTP-enabled network usually gets its time from an authoritative time source, such as a Cisco router, radio clock, or an atomic clock attached to a timeserver. NTP then distributes this time across the network. NTP is extremely efficient; no more than one packet per minute is necessary to synchronize two machines to within a millisecond of one another. NTP runs over UDP, which in turn runs over IP.
Figure 4-2 Syslog Messages Written to Hard Disk (diagram labels: Syslog messages, Syslog server, Cisco IOS, Syslog messages written to hard disk, Internal view)

Note Cisco Systems’ UNIX syslog format is compatible with 4.3 BSD UNIX.

Step 1
Step 3 Specify the logging configuration:

!
logging 172.22.66.18
logging buffered 10000 debugging
logging trap debugging
!

Table 4-3 describes the commands in the previous configuration fragment.

Table 4-3 Syslog Commands

Command | Purpose
logging 172.22.66.18 | Specifies the syslog server’s IP address.
Enabling SNMP

The SNMP traps generated by Cisco routers provide information about:
• Potentially harmful environmental conditions
• Processor status
• Port status
• Security issues

The Cisco IOS software generates SNMP traps based on the features that the Cisco IOS software supports. Figure 4-3 shows the interactions and timing of the SNMP protocol between the EM (SNMP manager) and the NAS (SNMP agent).
Chapter 4 Administration Enabling Management Protocols: NTP, SNMP, and Syslog Step 1 Configure the Cisco IOS software to support basic SNMP functions. Access lists 5 and 8 are used for SNMP community strings: • The read only (RO) community string is called “poptarts.” It uses access list 8 as a filter. • The read write (RW) community string is called “pixysticks.” It uses access list 5 as a filter.
Caution If you are not using SNMP, make sure to turn it off. Never use a configuration that uses “public” or “private” as community strings—these strings are well known in the industry and are common defaults on hardware. These strings are open invitations to attacks, regardless of whether you use filters.

Step 2 Monitor SNMP input and output statistics.
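A configuration check for the Caution and for the access-list-filtered community strings of Step 1, as an added example that is not part of the Cisco guide: it parses `snmp-server community` lines from a saved configuration and flags the well-known strings, communities with no access list, and communities that reference an access list the configuration never defines. The sample configuration is constructed; it reuses the community names and ACL numbers from Step 1, and the severity labels are this example's own.

```python
import re

# Community strings the Caution calls out as well-known defaults.
WELL_KNOWN = {"public", "private"}

# IOS syntax: snmp-server community <string> [view <name>] [RO|RW] [<acl>]
COMMUNITY_RE = re.compile(
    r"^snmp-server community (?P<name>\S+)"
    r"(?: view (?P<view>\S+))?"
    r"(?: (?P<mode>ro|rw))?"
    r"(?: (?P<acl>\S+))?$",
    re.IGNORECASE,
)
# Numbered ACL entries, as used on this page; named standard ACLs count too.
NUMBERED_ACL_RE = re.compile(r"^access-list (\d+) (?:permit|deny)\b", re.IGNORECASE)
NAMED_ACL_RE = re.compile(r"^ip access-list standard (\S+)$", re.IGNORECASE)

# Constructed sample, not a capture from a real device.
SAMPLE_CONFIG = """\
! constructed sample configuration
snmp-server community poptarts RO 8
snmp-server community pixysticks RW 5
snmp-server community public RO
snmp-server community private RW 9
access-list 5 permit 172.22.67.1
access-list 8 permit 172.22.67.1
"""


def audit_snmp(config_text):
    """Return a list of (community, severity, message) findings."""
    defined_acls = set()
    communities = []
    for raw in config_text.splitlines():
        line = raw.strip()
        acl = NUMBERED_ACL_RE.match(line) or NAMED_ACL_RE.match(line)
        if acl:
            defined_acls.add(acl.group(1))
            continue
        community = COMMUNITY_RE.match(line)
        if community:
            communities.append(community.groupdict())

    findings = []
    for entry in communities:
        name = entry["name"]
        # With neither keyword present, IOS treats the community as read-only.
        mode = (entry["mode"] or "RO").upper()
        if name.lower() in WELL_KNOWN:
            findings.append((name, "high", "well-known default community string"))
        if entry["acl"] is None:
            severity = "high" if mode == "RW" else "medium"
            findings.append((name, severity, f"{mode} community has no access list"))
        elif entry["acl"] not in defined_acls:
            findings.append(
                (name, "high",
                 f"access list {entry['acl']} is not defined in this configuration")
            )
    return findings


if __name__ == "__main__":
    for community, severity, message in audit_snmp(SAMPLE_CONFIG):
        print(f"[{severity}] {community}: {message}")
```

Run it against the output of show running-config saved to a file; an empty result means every community string is non-default and tied to a defined access list.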
Chapter 4 Administration Enabling Management Protocols: NTP, SNMP, and Syslog The following configuration fragment disables logging on access interfaces: ! interface Serial 0:23 no logging event link-status no snmp trap link-status ! interface Serial 1:23 no logging event link-status no snmp trap link-status ! interface Serial 2:23 no logging event link-status no snmp trap link-status ! interface Serial 3:23 no logging event link-status no snmp trap link-status ! interface Group-Async 1 no logging event
Chapter 4 Administration Enabling Management Protocols: NTP, SNMP, and Syslog resource-pool disable ! modem-pool Default pool-range 1/2/0-1/10/143 ! ! spe 1/2/0 1/10/11 firmware ios-bundled default modem recovery action none ip subnet-zero no ip source-route ip host guessme 172.22.100.9 ip domain-name the.net ip name-server 172.22.11.10 ip name-server 172.22.12.11 ! async-bootp dns-server 172.30.10.1 172.30.10.
 ppp authentication chap pap
 group-range 1/2/00 1/10/143
!
ip local pool addr-pool 172.22.90.2 172.22.90.254
ip classless
ip route 0.0.0.0 0.0.0.0 172.22.66.1
no ip http server
!
logging trap debugging
logging 172.22.66.18
access-list 5 permit 172.22.67.1
access-list 5 permit 0.0.0.1 172.22.68.20
access-list 8 permit 172.22.67.1
access-list 8 permit 0.0.0.1 172.22.68.
Chapter 4 Administration Access Service Security Access Service Security The Cisco AS5800 is designed to support a security paradigm providing authentication, authorization, and accounting (AAA) security measures using RADIUS and TACACS+. • Authentication—requires dial-in users to identify themselves and prove their identity, thus preventing wrongful access to lines on your Cisco AS5800, or connecting through the lines directly to network resources.
Remote Security Database

As your network expands, you need a centralized security database that provides username and password information to each access server in the network. This centralized security database resides in a security server. A centralized security database helps establish consistent remote access policies throughout a corporation. An example of a remote security database server is the CiscoSecure product from Cisco Systems.
Use RADIUS in the following network environments that require access security:
• Networks with multiple-vendor access servers, each supporting RADIUS. For example, access servers from several vendors use a single RADIUS server-based security database. In an IP-based network with multiple vendors’ access servers, dial-in users are authenticated through a RADIUS server that has been customized to work with the Kerberos security system.
Chapter 4 Administration Access Service Security – CHANGE PASSWORD - A request is issued by the RADIUS server, asking the user to select a new password. The ACCEPT or REJECT response is bundled with additional data that is used for EXEC or network authorization. You must first complete RADIUS authentication before using RADIUS authorization.
Chapter 4 Administration Access Service Security Configure Router to RADIUS Server Communication The RADIUS host is normally a multi-user system running RADIUS server software from Livingston, Merit, Microsoft, or another software provider. A RADIUS server and a Cisco router use a shared secret text string to encrypt passwords and exchange responses.
Chapter 4 Administration Access Service Security For example, the following AV pair causes the Cisco “multiple named ip address pools” feature to be activated during IP authorization (during PPP's IPCP address assignment). cisco-avpair= “ip:addr-pool=first” The following example causes a “NAS Prompt” user to have immediate access to EXEC commands. cisco-avpair= “shell:priv-lvl=15” Other vendors have their own vendor-IDs, options, and associated VSAs.
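How the shared secret is used on the wire, as an added example that is not part of the Cisco guide: the User-Password hiding and the Response Authenticator from RFC 2865, with a cisco-avpair carried in a Vendor-Specific attribute (vendor ID 9, sub-type 1). The secret, password, Request Authenticator and packet identifier are constructed sample values, and the function names are this example's own.

```python
import hashlib
import hmac
import struct

ACCESS_ACCEPT = 2      # RADIUS packet code (RFC 2865)
VENDOR_SPECIFIC = 26   # attribute type that carries vendor AV pairs
CISCO_VENDOR_ID = 9    # Cisco's enterprise number
CISCO_AVPAIR = 1       # vendor sub-type used for cisco-avpair

# Constructed sample values; a real client uses 16 random bytes per request.
SECRET = b"constructed-shared-secret"
REQUEST_AUTH = bytes(range(16))


def hide_password(password, secret, request_auth):
    """Hide a User-Password value as RFC 2865 section 5.2 describes."""
    if len(request_auth) != 16 or not 1 <= len(password) <= 128:
        raise ValueError("bad authenticator or password length")
    padded = password + b"\x00" * (-len(password) % 16)
    hidden, prev = b"", request_auth
    for i in range(0, len(padded), 16):
        # Keystream block: MD5(secret + previous ciphertext block).
        keystream = hashlib.md5(secret + prev).digest()
        prev = bytes(p ^ k for p, k in zip(padded[i:i + 16], keystream))
        hidden += prev
    return hidden


def unhide_password(hidden, secret, request_auth):
    """Server side: recover the password with the same shared secret."""
    if not hidden or len(hidden) % 16 or len(request_auth) != 16:
        raise ValueError("bad authenticator or hidden-password length")
    clear, prev = b"", request_auth
    for i in range(0, len(hidden), 16):
        keystream = hashlib.md5(secret + prev).digest()
        block = hidden[i:i + 16]
        clear += bytes(c ^ k for c, k in zip(block, keystream))
        prev = block
    return clear.rstrip(b"\x00")  # padding is NUL bytes


def cisco_avpair(text):
    """Encode one cisco-avpair string as a Vendor-Specific attribute."""
    data = text.encode("ascii")
    vsa = struct.pack("!BB", CISCO_AVPAIR, 2 + len(data)) + data
    return struct.pack("!BBI", VENDOR_SPECIFIC, 6 + len(vsa), CISCO_VENDOR_ID) + vsa


def build_response(code, ident, attributes, request_auth, secret):
    """Server side: Response Authenticator =
    MD5(code + id + length + RequestAuth + attributes + secret)."""
    header = struct.pack("!BBH", code, ident, 20 + len(attributes))
    auth = hashlib.md5(header + request_auth + attributes + secret).digest()
    return header + auth + attributes


def verify_response(packet, request_auth, secret):
    """NAS side: accept a reply only if its authenticator checks out."""
    if len(packet) < 20:
        return False
    _code, _ident, length = struct.unpack("!BBH", packet[:4])
    if length != len(packet):
        return False
    expected = hashlib.md5(packet[:4] + request_auth + packet[20:] + secret).digest()
    return hmac.compare_digest(expected, packet[4:20])


if __name__ == "__main__":
    hidden = hide_password(b"theuser-password-longer", SECRET, REQUEST_AUTH)
    print("hidden User-Password:", hidden.hex())
    reply = build_response(ACCESS_ACCEPT, 7, cisco_avpair("shell:priv-lvl=1"),
                           REQUEST_AUTH, SECRET)
    print("reply verifies:", verify_response(reply, REQUEST_AUTH, SECRET))
    modified = reply[:-1] + bytes([reply[-1] ^ 0x04])
    print("modified reply verifies:", verify_response(modified, REQUEST_AUTH, SECRET))
```

Both protections rest on the shared secret alone, so its length and randomness decide how well the password and the authorization attributes are protected between the NAS and the server.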
Configure Router to Query RADIUS Server for Static Routes and IP Addresses

Some vendor-proprietary implementations of RADIUS let the user define static routes and IP pool definitions on the RADIUS server, instead of on each individual Cisco AS5800 in the network. Each Cisco AS5800 in the network then queries the RADIUS server for static route and IP pool information.
The standard NAS-Port attribute (RADIUS IETF Attribute 5) will continue to be sent. If you do not want this information to be sent, you can suppress it by using the no radius-server attribute nas-port command. When this command is configured, the standard NAS-Port attribute will no longer be sent.
RADIUS Authentication and Authorization Example

The following example shows a router configuration to authenticate and authorize using RADIUS.
• aaa authorization network radius local is used to assign an address and other network parameters to the RADIUS user.
• aaa accounting network start-stop radius tracks PPP usage.
• aaa authentication login admins local defines another method list, “admins,” for login authentication.
• login authentication admins applies the “admins” method list for login authentication.
RADIUS Cisco IOS Software Support

The following Cisco IOS software support is available for RADIUS.

1. AAA commands
2. RADIUS commands
3. RADIUS & AAA debug commands

AAA Commands

aaa new-model
aaa authentication login CONSOLE none
aaa authentication login RADIUS_LIST radius
aaa authentication login TAC_PLUS tacacs+ enable
aaa authentication login V.
Configuring TACACS+

The following global configuration commands provide basic security and local database configuration.

Step 1 Enable the AAA access control model that includes TACACS+.
5800-1(config)# aaa new-model

Step 2 Enable AAA authentication method during login.
5800-1(config)# aaa authentication login default local

Step 3 Enable AAA authentication method during login using a methods list.
Securing Access to Privileged EXEC and Configuration Mode

The first step is to secure access to privileged EXEC (enable) mode. Enable mode provides access to configuration mode, which enables any type of configuration change to the Cisco AS5800. To secure privileged EXEC mode access, use one of the following commands.

• The enable password password command requires that network administrators enter a password to access privileged EXEC mode.
Step 1 Enter the cleartext password used to gain access to privileged EXEC mode. Do not specify an encryption type.
5800-1(config)# enable secret password
5800-1(config)#

Step 2 Type the exit command to exit out of global configuration mode.
5800-1(config)# exit
5800-1#

Step 3 Enter the show running-config command to view the encrypted version of the cleartext password that was entered in Step 1. The encrypted password is noted with **.
Communicating with a TACACS+ Server

The following global configuration commands enable communication between the TACACS+ security (database) server and the Cisco AS5800.

Step 1 Specify the IP address or the host name of the remote TACACS+ server host. This host is typically a UNIX or NT system running TACACS+ software.
Configuring Authentication on a TACACS+ Server

On most TACACS+ security servers, there are three ways to authenticate a user for login:

• Include a cleartext (DES) password for a user or for a user's group (each user can belong to only one group). Note that CHAP and global user authentication must be specified in cleartext.
Enabling AAA Globally

To use the AAA security facility in the Cisco IOS software, you must issue the aaa new-model command from global configuration mode. When you issue the aaa new-model command, all lines on the Cisco AS5800 receive the implicit login authentication default method list, and all interfaces with PPP enabled have an implicit ppp authentication pap default method list applied.
Refer to the “Applying Authentication Method Lists” section on page 4-33 for information about applying these lists.
Specify the Authentication Method

After you identify a list name, you must specify an authentication method to identify how users will be authenticated. Authentication methods are defined with optional keywords in the aaa authentication command. The following global configuration commands configure authentication methods for PPP.

Step 1 Configure for AAA.
5800-1(config)# aaa new-model

Step 2 Create a local authentication list.
If authentication fails using the first method listed, the Cisco IOS software does not permit access. It does not attempt to authenticate using the subsequent security methods if the user entered the incorrect password.

Populate the Local Username Database if Necessary

If you specify local as the security method, you must specify username profiles for each user who might log in.
Users Dialing In Using PPP

The following example creates a TACACS+ authentication list for users connecting to interfaces configured for dial-in using PPP. The name of the list is marketing. This example specifies that a remote TACACS+ daemon be used as the security database. If this security database is not available, the Cisco IOS software then polls the RADIUS daemon. Users are not authenticated if they are already authenticated on a TTY line.
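The two rules above (a wrong password at the first method ends the attempt, while an unavailable server moves on to the next method) are easy to confuse, so the following added example, which is not part of the Cisco guide, models the walk through a method list. The command line for the marketing list is constructed from the description above using the if-needed, tacacs+ and radius keywords; the user names, passwords and server stand-ins are constructed.

```python
"""Model of how an AAA authentication method list is walked (added example)."""
from enum import Enum


class Result(Enum):
    PASS = "pass"     # server answered: credentials accepted
    FAIL = "fail"     # server answered: credentials rejected
    ERROR = "error"   # server did not answer (unreachable or not configured)


def parse_method_list(line: str):
    """Split 'aaa authentication <service> <list-name> <method>...' into its parts."""
    tokens = line.split()
    if len(tokens) < 5 or tokens[:2] != ["aaa", "authentication"]:
        raise ValueError(f"not an aaa authentication method list: {line!r}")
    return tokens[2], tokens[3], tokens[4:]


def authenticate(methods, backends, user, password, already_authenticated=False):
    """Return (granted, trace). Only ERROR moves on to the next method."""
    trace = []
    for method in methods:
        if method == "if-needed":
            if already_authenticated:          # already authenticated on the TTY line
                trace.append((method, Result.PASS))
                return True, trace
            continue
        if method == "none":                   # always succeeds, no credentials checked
            trace.append((method, Result.PASS))
            return True, trace
        backend = backends.get(method)
        result = backend(user, password) if backend else Result.ERROR
        trace.append((method, result))
        if result is Result.PASS:
            return True, trace
        if result is Result.FAIL:              # rejected: later methods are NOT tried
            return False, trace
    return False, trace                        # every method errored out


def make_server(users, reachable=True):
    """Constructed stand-in for a TACACS+ or RADIUS daemon."""
    def check(user, password):
        if not reachable:
            return Result.ERROR
        return Result.PASS if users.get(user) == password else Result.FAIL
    return check


# Constructed sample data
MARKETING = "aaa authentication ppp marketing if-needed tacacs+ radius"
TACACS_USERS = {"bob": "constructed-pw-1"}
RADIUS_USERS = {"alice": "constructed-pw-2"}


def run_scenarios():
    _service, _name, methods = parse_method_list(MARKETING)
    both_up = {"tacacs+": make_server(TACACS_USERS), "radius": make_server(RADIUS_USERS)}
    tacacs_down = {"tacacs+": make_server(TACACS_USERS, reachable=False),
                   "radius": make_server(RADIUS_USERS)}
    all_down = {"tacacs+": make_server({}, reachable=False),
                "radius": make_server({}, reachable=False)}
    return {
        "alice, both up": authenticate(methods, both_up, "alice", "constructed-pw-2"),
        "alice, tacacs+ down": authenticate(methods, tacacs_down, "alice", "constructed-pw-2"),
        "anyone, all down": authenticate(methods, all_down, "x", "y"),
        "anyone, all down, list ends in none":
            authenticate(methods + ["none"], all_down, "x", "y"),
    }


if __name__ == "__main__":
    for name, (granted, trace) in run_scenarios().items():
        steps = ", ".join(f"{m}={r.value}" for m, r in trace)
        print(f"{name}: {'granted' if granted else 'denied'} [{steps}]")
```

The last scenario is the one to check in a real configuration: a method list that ends in none turns an outage of every listed server into unauthenticated access.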
In the following example, the login authentication list named rtp2-office, which uses RADIUS authentication, is created.
Timesaver If authentication has not been set up for a user, per-user authorization attributes are not enabled for that user. That is, if you want a user to obtain authorization before gaining access to network resources, you must first require that the user provide authentication.
Configuring Authorization (Network or EXEC)

The following global configuration commands configure network and EXEC authorization.

Step 1 Prevents unauthorized users from accessing network resources.
5800-1(config)# aaa authorization network

Step 2 Prevents users from logging in to the privileged EXEC facility.
5800-1(config)# aaa authorization exec

Step 3 Type Ctrl-Z to return to privileged EXEC mode.
Table 4-6 Authorization Methods

Authorization Method    Purpose
if-authenticated        User is authorized if already authenticated.
local                   Uses the local database for authorization. The local database is created using the username privilege command to assign users to a privilege level from 0 to 15, and the privilege level command to assign commands to these different levels.
none                    Authorization always succeeds.
TACACS+ Security Examples

The following examples show complete security configuration components of a configuration file on a Cisco AS5800. Each example shows authentication and authorization.

Local TACACS+ Security Example

The following sample configuration uses AAA to configure default authentication using a local security database on the Cisco AS5800. All lines and interfaces have the default authentication lists applied.
Note The authentication method lists used in this example use names other than default. However, you generally specify default as the list name for most lines and interfaces, and apply different named lists on an exception basis. These names are used only for illustrative purposes.
• A PPP authentication list itsme is created, then applied to group async interface 6, which includes asynchronous interfaces 2/2/0 to 2/2/47. The more secure CHAP authentication is used over PAP.
CHAPTER 5 Maintenance

This chapter provides hardware replacement, system debugging, and troubleshooting procedures.
Replacement Procedures

Powering Off the Access Server

Some procedures in this section require you to power off the access server. See this section when appropriate. Powering off the access server involves removing power from the following components:

• Router shelf
• Dial shelf
• AC-input power shelf, if applicable

Warning Before working on equipment that is connected to power lines, remove jewelry (including rings, necklaces, and watches).

Step 1
Step 2 Power OFF (O) the power switches located on each dial-shelf PEM front panel. (See Figure 5-2.
Replacing a DC Power Entry Module

This section explains how to remove and replace the power entry modules (PEMs) in the dial-shelf chassis.

Note The color coding of the DC-input power supply leads depends on the color coding of the DC power source at your site. Typically, green or green/yellow is used for ground, black is used for +48V (return), and red or white is used for –48V.
Warning Before working on equipment that is connected to power lines, remove jewelry (including rings, necklaces, and watches). Metal objects will heat up when connected to power and ground and can cause serious burns or weld the metal object to the terminals.

To remove a PEM, complete the following steps:

Step 1 Power OFF the central office circuit breaker connected to the PEM you are removing and tape the switch in the OFF position.
Step 7 Grasp the handle and carefully pull the PEM from the backplane connectors using a gentle rocking motion; then remove the PEM from the DC power supply chassis. (See Figure 5-5.
Connecting to Your DC Power Source

If your site has access to a DC power source, you need to provide your own DC power cables. In the United States you need to use 6 AWG stranded or solid copper wire; elsewhere use 16 mm² solid or 10 mm² stranded copper wire.
Step 6 Power ON the central office circuit breaker connected to the PEM you are replacing.

Step 7 Power ON ( | ) the power switch located on the PEM front panel. (See Figure 5-4.)

This completes the procedure for replacing a PEM and connecting to your DC power source. Continue with section “Verifying and Troubleshooting the Installation” on page 8 for installation troubleshooting tips.
Tools and Parts Required

To remove and replace the filter module you need the following parts and tools:

• A new filter module (DS5814-DC-FLT=)
• 1/4-in. flat-blade screwdriver
• ESD-preventive wrist strap
• An antistatic bag to return the old filter module

For additional equipment, contact a service representative for ordering information.

Removing a Filter Module

This procedure is ideally performed during a scheduled maintenance time.
Step 2 If you are using the optional AC-input power shelf, power OFF (O) the power switches on the AC-input power shelf front panel. (See Figure 5-8.
Step 4 If you are using the optional AC-input power shelf, disconnect the monitor cable DB-9 connector from the base of the filter module, as shown in Figure 5-9.
Step 5 Grasp the filter module handle and gently pull the filter module about halfway out of the dial-shelf chassis. (See Figure 5-10.
Step 4 If you are using the optional AC-input power shelf, connect the monitor cable DB-9 connector at the base of the filter module and tighten the jackscrews. Verify that the DB-25 connector at the other end of the cable is connected to the AC-input power shelf (see Figure 5-9). Power ON the AC-input power shelf.

Step 5 Power ON ( | ) the power switches located on each dial-shelf PEM front panel.
Note Power supplies are numbered 1 and 2 from left to right in the power shelf.

Step 3 Lift the metal spring-clip in the center of the ejector lever to release the lock. (The power supplies are secured by self-locking ejector levers.) (See Figure 5-11.
Replacing a Dial-Shelf Controller Card

The dial-shelf controller (DSC) card serves as the interface between the dial shelf and the Cisco 7206 router shelf. This section lists tools and parts you need, and explains how to remove and replace a DSC card in the Cisco 5814 dial-shelf chassis.

Tools and Parts Required

The following parts and tools are required to remove and replace the dial-shelf controller card.
To remove a DSC, complete the following steps:

Note The power LED and MBus LED on the DSC card remain on until the card is disconnected from the backplane.

Step 1 Attach an ESD-preventive wrist strap between you and an unpainted chassis surface.

Caution To prevent ESD damage, handle dial-shelf controller cards by ejector levers and carrier edges only and use an ESD-preventive wrist strap or other grounding device.
Step 5 Carefully slide the DSC card partially out of the slot, until you can grasp the card front panel with one hand. Place your other hand under the card to support it. (See Figure 5-13.
Replacing a Dial-Shelf Controller Card

Caution DSC cards weigh 8.5 lb (3.8 kg) each. Use two hands when removing or replacing a DSC card. (See Figure 5-13.)

Caution If your system is equipped with dual DSCs, Cisco recommends that you perform DSC card replacements during low traffic periods. Use the hw-module / stop command to stop the backup DSC before you remove the backup (slave) DSC.
Step 6 Install a blank filler card (part number DS58-BLANK=) in all empty dial-shelf card slots to keep the chassis dust-free and to maintain proper airflow.

Caution To prevent the overheating of internal components and maintain the proper flow of cooling air across the cards, always install blank filler cards in empty slots.

This completes the steps for removing and replacing a dial-shelf controller card.
Caution Never disconnect the interconnect cable while the system is operating (except when replacing a redundant DSC card) because you will lose all calls.
Verifying and Troubleshooting the Installation

Verify that your new DSC card is properly installed and operative by observing the card LEDs as follows:

• Verify that the power LED and MBus LED light after the DSC card has been installed in the dial shelf and the system is powered on.
  – If both the MBus and power LEDs are on, the card should boot normally. During the boot sequence, the four alarm LEDs momentarily flash and then turn off.
Commands for Dual-DSC-Equipped Systems

Table 5-1 shows the new or modified commands that have been added to support redundant-DSC-equipped systems.

Table 5-1 New or Modified Commands

Command Level    Command                      Description
User             show redundancy [history]    The show redundancy command displays the current status of the DSCs. The show redundancy hist command displays a table of the last 5 redundancy events for each redundant component on the DSCs.
Note To avoid potential problems when inserting spare Flash memory cards in your DSC cards, we recommend that you reformat your Flash memory cards on a Cisco 7206 router shelf running Cisco IOS Release 11.3AA or later during your regularly scheduled service times. For instructions on formatting a Flash memory card, refer to the Cisco 7206 Installation and Configuration Guide, available online at http://www.cisco.
Removing a Flash Memory Card

To remove a Flash memory card from the PCMCIA slot, complete the following steps (see Figure 5-16):

Step 1 Press the ejector button on the slot.

Step 2 Grasp the card and pull it from the slot.

Step 3 Place the card in an antistatic bag.
Replacing the Blower Assembly

The Cisco AS5800 is equipped with a blower assembly, which is designed to monitor system internal operating temperatures and maintain acceptable cooling parameters. This section explains how to remove and replace the blower assembly in the dial-shelf chassis.

Tools and Parts Required

You need the following tools and parts to remove and replace the blower assembly.
[Figure 5-17 Blower Assembly Removal and Replacement. Callout: captive screws]
Verifying and Troubleshooting the Installation

To verify that the blower assembly is properly installed and operational, complete the following steps:

Step 1 Listen to verify that the fans are operative. In noisy environments, you may want to place your hand to the rear of the blower assembly and feel for airflow from the exhaust vent.

Step 2 Verify that the green power LED on the blower assembly front panel lights.
Tools and Parts Required

You need the following equipment and parts to install the dial-shelf interconnect port adapter. If you need additional equipment, contact a service representative for ordering information.
Caution Always handle adapters by the metal carrier edges and handle; never touch the adapter components or connector pins.

[Figure 5-19 Port Adapter Handling—Side View. Callouts: metal carrier, printed circuit board]

Step 5 Place the interconnect port adapter on an antistatic surface with its components facing upward. If you are returning the port adapter to the factory, immediately place it in a static shielding bag.
Note If the adapter lever does not move to the locked position, the adapter is not completely seated in the midplane. Carefully pull the adapter halfway out of the slot, reinsert it, and place the lever in the locked position.

This completes the procedure for installing a new dial-shelf interconnect port adapter in the router shelf. Continue with the “Attaching the Dial-Shelf Interconnect Cable” section on page 5-30.
[Figure 5-21 Connecting the Dial-Shelf Interconnect Cable. Callout: dial shelf interconnect port adapter]
This completes the dial-shelf interconnect cable installation procedure. To verify the installation, continue with the “Verifying and Troubleshooting the Installation” section on page 5-32.

Verifying and Troubleshooting the Installation

To complete the installation, verify that the LEDs operate properly by observing the following LED states on the dial-shelf interconnect port adapter:

• The power enabled LED is on.
Note You need access to both the front and rear of the Cisco AS5800 universal access server. Some of the procedures are performed from the front and some are performed from the rear.

Tools and Parts Required

The following parts and tools are required to remove and replace the backplane module. If you need additional equipment, contact a service representative for ordering information.

• New backplane module (MAS-5814BP=)
• 1/4-in.
Step 2 Power OFF (O) the dial shelf at the power entry modules (PEMs) using the power switches located on the PEM front panels. (See Figure 5-23.
To continue, you must next disconnect power cables and alarm cables to the dial-shelf PEMs.

Step 1 Loosen the screws in the DC-input power terminal blocks and the alarm terminal blocks using a 1/4-in. flat-blade screwdriver, and disconnect power cables and alarm cables to the dial-shelf PEMs. Figure 5-25 shows the location of the terminal blocks.
Step 2 Disconnect the monitor cable DB-9 connector from the base of the filter module. (See Figure 5-26.)

[Figure 5-26 Filter Module Monitor Cable DB-9 Connector. Callouts: filter module, PEM, DB-9 cable connector, DB-25 cable connector, AC-input power shelf]

Step 3 Disconnect power cables to the optional AC-input power shelf. (See Figure 5-27.
To disconnect the feature cards and dial-shelf controller cards from the backplane, follow these steps:

Step 1 Attach an ESD-preventive wrist strap between you and an unpainted chassis surface.

Step 2 Disconnect incoming CE1/CT1 trunk line cables and secure them out of the way using cable ties, if necessary. On the dial-shelf controller card, disconnect the dial-shelf interconnect cable and the 10BaseT connection, if applicable.
Step 5 Grasp the ejector levers and pull the card partially out of the dial-shelf slot. (See Figure 5-29.
Step 1 Using a 1/4-in. flat-blade screwdriver, loosen the two captive screws on each PEM front panel.

Step 2 Remove the PEMs from the dial shelf and set them aside until you are ready to reinstall them. (See Figure 5-30.
Step 3 Using a 1/4-in. flat-blade screwdriver, loosen the captive screws on the filter module front panel.

Step 4 Remove the filter module from the dial shelf and set it aside until you are ready to reinstall it. (See Figure 5-31.
Step 5 Remove the back cover using a number 2 Phillips screwdriver. Remove the screws located on the dial-shelf back cover grill. (See Figure 5-32.) Save the screws.

[Figure 5-32 Dial-Shelf Chassis Back Cover]
To complete the backplane removal procedure, complete the following steps:

Step 1 Disconnect the cable connection to the dial-shelf blower assembly. (See Figure 5-33.
Step 2 Remove the 26 M3 x 8-mm screws around the backplane perimeter using a No. 2 Phillips screwdriver. (See Figure 5-34.) Save the screws.

[Figure 5-34 Backplane Module—Rear View. Callouts: capacitors, backplane perimeter screws, connector to blower assembly, card connectors (rear view)]

Step 3 Remove the backplane and place it in an ESD shielding bag.
Step 9 Power ON ( | ) the dial shelf using the power switches located on each PEM front panel.

Step 10 If using the optional AC-input power shelf, power ON ( | ) the power supplies using the power switches on the power shelf front panel.

Step 11 Power ON ( | ) the router shelf using the power switches located on the Cisco 7206 router-shelf rear panel.

Step 12 Note the service maintenance on your Site Log sheet.
Troubleshooting

AS5800 Dial Shelf

Symptom
• Dial-shelf controller shows “down” state.
• OIR not detected.

Possible Cause
• DSIC is not connected securely.
• DSC has the incorrect image.
• Faulty DSC.

Feature Cards

Symptom
• Feature Cards not coming up.

Possible Cause
• DSC is in the down state.
• FB not seated properly.
• FB not in the correct slot.
• FB is broken.

Controller T1

Symptom
• Slips on T1 controllers.
General Configuration

Symptom
• The NAS was working, then stops doing what is expected.

Possible Cause
• Configuration changed, do "diff."
• Equipment failure (modem).
• Telco line provision changed.

Symptom
• Call does not authenticate.

Possible Cause
• Incorrect AAA authentication.
• Login/ppp authentication method not defined or not applied for dialer/group-async/virtual-template.
• Misconfigured radius-server.
Async Calls

Symptom
• Async user gets fast busy.

Possible Cause
• ISDN PRI layer 2 is not up/channel busied out.
• ISDN incoming-voice mode not configured.
• Modem cannot be allocated (busied out, firmware download in progress).
• DNIS screening is enabled and access-rejected.
• ISDN switch-type reconfigured, NAS needs reload.

Symptom
• Some users can connect but some cannot.

Possible Cause
• Incorrect password/modem problem.
Interactive Users

Symptom
• Interactive users cannot authenticate.

Possible Cause
• Incorrect method under AAA or method-list under line configuration.
• Back-end authentication rejected (RADIUS/TACACS).

Symptom
• Interactive user authenticates but PPP does not/cannot start (even after “ppp default”).

Possible Cause
• User is not authorized to start PPP based on RADIUS/TACACS profile.
• Unable to assign an IP address.
Dedicated-PPP Users

Symptom
• Interactive async user can connect and authenticate, but dedicated PPP user cannot authenticate.

Possible Cause
• AAA authentication PPP not defined.
• Autoselect PPP not defined under line.
• Autoselect during-login not defined under line.
• Back-end authentication rejected.

Symptom
• User authenticates but gets disconnected.

Possible Cause
• IP address could not be allocated - pool/dhcp.
Sync Calls

Symptom
• Sync user gets “no answer” or “busy.”

Possible Cause
• Controller T1 / isdn layer 2 is down, channels busied out.
• ISDN switch-type reconfigured. NAS needs reload.
• DNIS screening is enabled and call is rejected due to radius server access-reject.
• Telco provisioning problem.

MMPPP

Symptom
• First channel/modem dial-in and connect fine, but second channel/modem does not connect to the same NAS.
RADIUS

Symptom
• No response for Access/Accounting-Requests generated by NAS.

Possible Cause
• Radius server/ports not reachable from NAS.
• NAS not configured/recognized by RADIUS server.
• Shared secret does not match.
• Unreliable connection between NAS and RADIUS.

Symptom
• Getting Access-Reject for Access-Request.

Possible Cause
• User is not in the radius database. Database needs reload.
• Incorrectly formatted/configured radius user profile.
Cisco AS5800 Operations, Administration, Maintenance, and Provisioning Guide DOC-7810814=
CHAPTER 6 Provisioning

This chapter describes basic hardware and service provision considerations such as system environment requirements, physical infrastructure checklists, IP service considerations, and system upgrade procedures for the Cisco AS5800. For details on the following, refer to the information on preparing for installation in the Cisco AS5800 Access Server Hardware Installation Guide, available online at http://www.cisco.
Setting Up Basic IP Modem Services

The following section discusses:

• Planning and designing a basic IP modem dialup network
• Deploying networking equipment by configuring, verifying, and troubleshooting the Cisco IOS software
• Preparing for operations by inspecting modem call statistics and enabling basic management protocols

[Figure 6-1 Business Scenario. Labels: remote modem users, PSTN, headquarters providing dialup services, IP intranet, Internet firewall, Internet]
Network-Service Considerations

The network-service definition for a corporate user generally differs from that for an ISP, as shown in Table 6-1.

Table 6-1 Network-Service-Definition Perspectives

Attribute              Corporate-User Perspective    ISP Perspective
Scaling projections    Have smaller projections.     Have larger projections, and require higher-density network gateways such as the Cisco AS5850.
Line requirements      Have lower requirements.
Establishing a Network-Service Definition

Begin your implementation of basic IP UPC services by establishing a network service definition. Use the perspectives described in Table 6-1 preceding and in the following list of design and configuration considerations as a guide. A conservative approach is to project your current deployment and design into a three-month, one-year, and five-year timeline.
Step 11 Determine where user passwords will be stored in the short term:
• Local AAA database in the router
• Remote AAA database in a server

Step 12 Determine if an AAA server will be used in the long term. If yes, specify which protocol will be used:
• TACACS+
• RADIUS

Step 13 Determine if users will be allowed to change their own passwords.
Cisco IOS Upgrades

Software Upgrade Requisites

To upgrade a Cisco IOS software image you need the following:

• An established network connection between the PC you are designating as your TFTP server and your access server
• Access to the Cisco website (CCO) for downloading the Cisco IOS software

Memory Requirements

Before installing new software, first determine the amount of available memory in RAM and Flash.
Step 1 Log onto the Cisco.com website at the following URL to enter your AS5800 image selection criteria:
http://www.cisco.com/cgi-bin/Software/Iosplanner/Planner-tool/iosplanner.cgi

Note Images must match the specific version of Cisco IOS software being installed. Example: If attempting to run 12.0.7T, you must run the 12.0.7T dial-shelf (DSC) image (dsc-c5800-mz.XXX) and the 12.0.7T router-shelf image (C5800-p4-mz.

Step 2
Step 5 Back up the boot image (c7200-boot-mz.XXX) from bootflash to your TFTP server. Use the file name obtained in Step 4.

AS5800# copy bootflash: tftp
Source filename [c]? c7200-boot-mz.120-4.XE
Address or name of remote host []? 171.71.219.167
Destination filename [c7200-boot-mz.120-4.XE]?
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
3384888 bytes copied in 89.
Upgrading the DSC Software

The following procedure outlines commands used to perform a Cisco 5814 dial-shelf controller (DSC) software upgrade from the router shelf.

Step 1 Log in to the Cisco AS5800 router shelf and enter Enable (privileged exec) mode.

Step 2 Identify Cisco IOS images in the DSC bootflash.

AS5800# execute-on slot 12 show bootflash:
DA-Slot12#
-#- ED --type-- --crc--- -seek-- nlen -length- -----date/time------ name
1 ..
Step 7 Squeeze the DSC flash to remove deleted files.

AS5800# execute-on slot 12 squeeze flash:
DA-Slot12#
All deleted files will be removed. Continue? [confirm]
Squeeze operation may take a while. Continue? [confirm]
Writing sector: 1
Squeeze of slot0 complete

Step 8 Download the new DSC image from your TFTP server to the DSC flash.

Note By default, files are copied to and from the Cisco TFTP root directory.

AS5800# copy tftp:dsc-c5800-mz.120-7.T.
Upgrading the Router-Shelf Software
The following procedure outlines commands used to perform a Cisco 7206 router-shelf (RS) software upgrade from the router shelf.
Note Unless you installed new port adapters in the router shelf, do not upgrade the boot image. See the “Upgrading the Router-Shelf Boot Image” section on page 6-12.
Step 1 Identify Cisco IOS images in the RS flash.
Step 6 Reload the router shelf to load the new image.
Router# reload

Upgrading the Router-Shelf Boot Image
The following procedure outlines commands used to perform a Cisco 7206 router-shelf (RS) boot image software upgrade from the router shelf.
Note Unless you installed new port adapters in the router shelf, do not upgrade the boot image.
Step 1 Identify the current bootflash image.
Step 1 Check the dial-shelf controllers for a new Cisco IOS image.
AS5800# execute-on slot 12 show version
DA-Slot12>
Cisco Internetwork Operating System Software
IOS (tm) 5800 Software (C5800-DSC-M), Version 12.x
TAC:Home:SW:IOS:Specials for info
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Thu 12-Aug-99 18:48 by ayeh
Image text-base: 0x600088F0, data-base: 0x60520000
ROM: System Bootstrap, Version x AA,
ROM: 5800 Software (C5800-DSC-M),Version 12.
Modem Upgrades
This section describes basic debugging and modem commands used for upgrading modem module firmware as well as modem activation considerations. The show modem version command output is displayed to verify a successful download.

Debugging a Modem
Use the following commands for debugging a modem or group of modems from the Cisco IOS privileged mode (AS5800-1#):
• Debug a modem’s out-of-band port that is used to poll modem events.
Table 6-2 Modem Firmware Upgrade Commands
Step  Command  Description
1.  AS5800-1> enable
    Password: password
    AS5800-1#
    Enter the enable command. Enter your password. You are in privileged EXEC mode when the prompt changes to AS5800-1#.
2.  AS5800-1# show modem version
    Determine the firmware version currently running on the modem card.
3.  AS5800-1# show modem bundled-firmware
    Determine the available bundled modem firmware images per slot.
4.
To verify that a download has succeeded, use the show modem version command.
AS5800-1> show modem version
Modem Range     Module  Firmware Rev
1/6/00 1/6/05   0       2.2.2.2
1/6/06 1/6/11   1       2.2.2.2
1/6/12 1/6/17   2       2.2.2.2
1/6/18 1/6/23   3       2.2.2.2
1/6/24 1/6/29   4       2.2.2.2
1/6/30 1/6/35   5       2.2.2.2
1/6/36 1/6/41   6       2.2.1.7
1/6/42 1/6/47   7       2.2.1.7
1/6/48 1/6/53   8       2.2.1.7
1/6/54 1/6/59   9       2.2.1.7
1/6/60 1/6/65   10      2.2.1.7
1/6/66 1/6/71   11      2.2.1.
Board Hardware Version 1.0, Item Number 73-2522-2,
Board Revision 051, Serial Number 06298446,
PLD/ISP Version 255.255, Manufacture Date 17-Jul-1997.

Modem Range: 1/6/42 1/6/47
Modem Module: 7
Manufacture Cookie Info:
EEPROM Type 0x0101, EEPROM Version 0x01, Board ID 0x06,
Board Hardware Version 1.0, Item Number 73-2522-2,
Board Revision 051, Serial Number 06298593,
PLD/ISP Version 255.255, Manufacture Date 17-Jul-1997.
• If the firmware specified is not part of the firmware list, a message is printed to the console. The firmware name is stored in the modem pool structures until that modem card is updated with the specified firmware image. The firmware upgrade then occurs when that modem card is rebooted.
• If any modem module has an active call on it, the firmware upgrade request is queued and deferred until the modem module becomes free.
Split Dial Shelves
The dial shelf is split by dividing the ownership of the feature boards between the two router shelves. You must configure the division of the dial-shelf slots between the two router shelves so that each router controls an appropriate mix of trunk and modem cards. Each router shelf controls its set of feature boards as if those were the only boards present. There is no interaction between feature boards owned by either router.
Enter the dial-shelf split slots {slot-numbers} command, specifying the slot numbers that are to be owned by the existing router shelf.
Step 5 Configure the new router shelf to operate in split mode on other feature boards.
Enter the dial-shelf split slots {slot-numbers} command, specifying the slot numbers that are to be owned by the new router shelf. Do not specify any of the slot numbers that you specified in Step 4.
Leaving Split Mode
Split mode is exited when the dial-shelf configuration is changed by a no dial-shelf split slots command. When the split dial-shelf line is removed, the router shelf will start using all of the TDM timeslots. Feature boards that were not owned in split mode and are not owned by the other router will be reset.
When in split mode, the show dial-shelf output is extended. For example:
5800# show dial-shelf
System is in split dial shelf mode.
Managing a Split Dial Shelf
If you are installing split-dial-shelf systems, a system controller is available that provides a single system view of multiple POPs. The system controller for the Cisco AS5800 includes the Cisco 3640 router running Cisco IOS software. The system controller can be installed at a remote facility so that you can access multiple systems through a console port or Web interface.
If the dial-shelf split slots command is entered in normal mode without valid slot numbers or the keyword none, the command is rejected.
Split mode: This command will change dial-shelf slot ownership. The router will no longer have ownership of any dial-shelf slots.

no dial-shelf split slots
Normal mode: This command has no effect. If the router shelf is in normal mode, it stays that way.
Other router shelf is in split mode when this one is not.
Explanation Split mode is intended to support two router shelves connected to a single dial shelf. To use this arrangement, both connected router shelves should be configured for split dial shelves. Problems can arise if two routers are connected to the dial shelf, but one router is not configured in split mode.
If you are unable to solve the problem, contact a customer service representative for assistance and further instructions.
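The split-mode rules above (each router shelf names its own slots, no slot is named twice, and both shelves must be in split mode) can be checked before the configurations are loaded. The following Python check is an added example, not part of the Cisco guide; the hostnames RS-A and RS-B, the space-separated slot list, and the feature-board slot range 0-11 are assumptions.

```python
import re

# Assumption: feature boards sit in dial-shelf slots 0-11 (this guide's
# examples address the DSC as slot 12). Adjust if your chassis differs.
FEATURE_SLOTS = frozenset(range(12))

# Matches "dial-shelf split slots <list>"; a leading "no" does not match.
SPLIT_RE = re.compile(r"^\s*dial-shelf\s+split\s+slots\s+(.+?)\s*$", re.IGNORECASE)


def owned_slots(config_text):
    """Return the slots a router shelf claims, or None if it is in normal mode."""
    for line in config_text.splitlines():
        match = SPLIT_RE.match(line)
        if not match:
            continue
        args = match.group(1).split()
        if [a.lower() for a in args] == ["none"]:
            return set()  # split mode, but this shelf owns no slots
        if not all(a.isdigit() for a in args):
            raise ValueError(f"unparseable slot list: {line.strip()!r}")
        return {int(a) for a in args}
    return None  # no split line: the shelf is in normal mode


def check_split(config_a, config_b):
    """Compare two router-shelf configs and report split-mode conflicts."""
    a, b = owned_slots(config_a), owned_slots(config_b)
    errors = []
    if a is None or b is None:
        missing = [name for name, slots in (("A", a), ("B", b)) if slots is None]
        errors.append("not in split mode: router shelf " + " and ".join(missing))
        a, b = a or set(), b or set()
    overlap = sorted(a & b)
    if overlap:
        errors.append(f"slots claimed by both router shelves: {overlap}")
    invalid = sorted((a | b) - FEATURE_SLOTS)
    if invalid:
        errors.append(f"slots outside the feature-board range: {invalid}")
    unclaimed = sorted(FEATURE_SLOTS - (a | b))
    return {"errors": errors, "unclaimed": unclaimed}


# Constructed sample configurations (not taken from a real system).
CONFIG_A = "hostname RS-A\ndial-shelf split slots 0 1 2 6 7 8\n"
CONFIG_B = "hostname RS-B\ndial-shelf split slots 2 3 4 5 9\n"

if __name__ == "__main__":
    report = check_split(CONFIG_A, CONFIG_B)
    for err in report["errors"]:
        print("ERROR:", err)
    print("unclaimed slots:", report["unclaimed"])
```

Unclaimed slots are reported separately from errors because a slot that neither shelf owns is not a conflict.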
Router-Shelf Redundancy
When an active router shelf in a Cisco AS5800 loses communication with the dial shelf, a backup router shelf can be automatically invoked to take over dial-shelf resources controlled by the lost router shelf. This backup method, called redundancy, is provided on the Cisco AS5800 to prevent a single point of failure, subsequent downtime, and user intervention to resolve unrecoverable hardware faults.
Hitless Redundancy
Hitless redundancy is not supported. When a router-shelf failover occurs, all calls associated with that router shelf are lost. Cisco AS5800 redundancy ensures that resources (particularly trunk lines) do not remain unusable while the controlling router is down.

Network Management
Redundancy management via SNMP is not supported. However, an SNMP trap will be issued by the backup router when the router failover event occurs.
For successful failover to occur, both router-shelf configurations need to be synchronized. Configure each router separately, as active and backup, respectively, with the same configuration, except for the IP address on egress interfaces.
Note Test the backup router’s configuration to discover errors before deploying it in a production environment.

Redundancy Show Commands
The show redundancy command indicates when failover is enabled.
APPENDIX A
Advanced Quick Reference
This appendix provides quick reference configurations for the advanced Cisco AS5800 user and system administrator who need to rapidly modify system functionality or enhance system performance. Interface and/or protocol configurations addressed in this section are listed categorically and sequenced logically by operation.
Advanced Quick Reference Configurations
This section provides abridged interface and/or protocol configurations listed categorically and sequenced logically by operation.
19. V.120 Support
20. VoIP
21. Global Parameters
22. Finalizing Operational Configurations

Egress Interface
Egress interfaces are network connections, or ports, used for outbound traffic flow.
To Modify, Copy, & Paste
interface FastEthernet0/0/0
 ip address 1.1.1.1 255.255.255.0
 no ip directed-broadcast
 no ip mroute-cache
 no cdp enable
 exit

Loopback Interface
A loopback interface is a logical interface on the router that can be used for diagnostics and troubleshooting purposes. It is also used to conserve address space so other physical interfaces can be unnumbered to this interface.
Routing Protocol
A protocol that accomplishes routing through the implementation of a specific routing algorithm. Examples of routing protocols include RIP, IGRP, EIGRP, OSPF, and BGP.
5800(config-router)# passive-interface Loopback0
Defines the Loopback interface as a passive interface.
5800(config-router)# network 10.0.0.0
Enables advertisement of interfaces in this network. Defines 10.0.0.0 network as part of the RIP routing process. The router exchanges routing updates about the 10.0.0.0 network dynamically.
5800(config-router)# network 172.16.0.0
Defines 172.16.0.
T3 Ingress Configuration
The following Cisco IOS CLI script serves as a sample T3 ingress interface configuration or setup.

Sample Configuration
5800(config)# isdn switch-type primary-ni (ISDN)
5800(config)# controller t3 1/0/0
5800(config-controller)# framing m23
5800(config-controller)# cablelength 224
5800(config-controller)# t1 1 controller
5800(config-controller)# t1 2 controller
5800(config-controller)# . . .
T1 Ingress Configuration
The following Cisco IOS CLI script serves as a sample T1 ingress interface configuration or setup.
Line Signaling
When configuring a router for signaling, line signaling can be used for both inbound and outbound calls. The line signaling configuration must match the corresponding telco switch configuration.
Line Signaling (CAS) Configuration
The following Cisco IOS CLI script serves as a sample CAS line signaling configuration or setup.
D-Channel Configuration
The following Cisco IOS CLI script serves as a sample ISDN D-Channel configuration or setup.
AAA
AAA (“Triple A”) stands for Authentication, Authorization, and Accounting, the functions used for security and billing.
5800(config)# aaa authentication login LOCAL none
Configures an authentication method list called LOCAL that consults the local database of user names and passwords.
5800(config)# aaa authentication login USE-RADIUS group radius local
Defines the login authentication for method list USE-RADIUS, which points to the RADIUS server. The user will be authenticated against the RADIUS database.
Command Line Description
5800(config)# aaa authorization exec USE-RADIUS group radius if-authenticated
Configures an authorization method list called USE-RADIUS that uses the global RADIUS server list. EXEC authorization is required to process per-user attributes such as autocommands. Defines the authorization method for EXEC (shell). The method list is called “USE-RADIUS” and it points to the RADIUS server.
5800(config)# aaa accounting network default start-stop group radius
Generates accounting records for network services (PPP, SLIP, ARAP). Start and Stop records are generated without waiting. The RADIUS server is used for this accounting. This enables accounting records for all network sessions (PPP/SLIP). The accounting record will be sent at the beginning and the end of the network session.
To Modify, Copy, & Paste
radius-server host x.x.x.x auth-port x acct-port x non-standard
radius-server host a.b.c.d auth-port x acct-port y key mysharedsecret
radius-server deadtime 5
radius-server timeout 3
radius-server retransmit 2
radius-server attribute nas-port format c

TACACS Server Configuration
The following Cisco IOS CLI script serves as a sample TACACS Server configuration or setup.
Modem Pool Configuration
The following Cisco IOS CLI script serves as a sample modem pool configuration or setup.

Sample Configuration
5800(config)# modem-pool Default
5800(config-modem-pool)# pool-range 1/2/00-1/11/143
5800(config-modem-pool)# firmware 2.6.2.
TTY Line
These are asynchronous lines on the router. TTY is a line configuration, not an interface configuration. These lines correspond to async interfaces that are configured separately.
Defines the authorization method for EXEC service and points it to the “USE-RADIUS” list defined in the AAA process. Configures EXEC authorization on the line to use the USE-RADIUS method list.
5800(config-line)# modem Dialin
Configures the line to allow a modern modem to dial-in (dial-out not allowed).
5800(config-line)# no modem log rs232
Turns off the rs232 log events. Does not log EIA/TIA-232 events in the modem log.
Async Interface Configuration
The following Cisco IOS CLI script serves as a sample async interface configuration or setup.
Defines the authentication protocol (PAP) to be used for authenticating incoming calls only. The USE-RADIUS list is defined in the AAA process. PPP clients must authenticate themselves using the Password Authentication Protocol. Authentication will be done using the USE-RADIUS method list.
5800(config-if)# ppp multilink
Configures the interface for multilink. Enable this interface to negotiate PPP multilink.
Dial Interface Configuration
The following Cisco IOS CLI script serves as a sample dial interface configuration or setup.
Defines the authentication protocol (PAP) to be used for authenticating incoming calls only. The USE-RADIUS list is defined in the AAA process. PPP clients must authenticate themselves using the Password Authentication Protocol. Authentication will be done using the USE-RADIUS method list.
5800(config-if)# ppp multilink
Configures the interface for multilink. Enable this interface to negotiate PPP multilink.
IP Address Pools Configuration
The following Cisco IOS CLI script serves as a sample IP address pool configuration or setup.

Sample Configuration
5800(config)# ip dhcp-server x.x.x.x (if using dhcp)
5800(config)# ip local pool default 1.1.1.1 1.1.1.255
5800(config)# ip local pool default 1.1.2.1 1.1.2.255
5800(config)# ip local pool default 21.21.21.1 21.21.21.255
5800(config)# ip local pool 1 10.100.1.1 10.
Virtual Template
Virtual Templates are used for cloning virtual-access interfaces for inbound calls.
5800(config-if)# ppp multilink
Configures the interface for multilink. Enables this interface to negotiate PPP multilink.
5800(config-if)# exit
Exits interface configuration mode to global configuration mode.
Command Line Description
5800(config)# username sg-group password anything
Defines the username and password for the SGBP stack group. Configures a shared secret for the SGBP group name that will be used to authenticate peers into the stack group.
5800(config)# sgbp group sg-group
Defines “sg-group” as the sgbp stack group name.
VPDN Configuration
The following Cisco IOS CLI script serves as a sample VPDN configuration or setup.

Sample Configuration
5800(config)# vpdn enable
5800(config)# vpdn search-order dnis domain

Command Line Description
5800(config)# vpdn enable
Enables VPDN on the router. Enables the processing of VPDN calls. VPDN calls are determined either by a special DNIS number or a special format to the username.
Command Line Description
5800(config)# snmp-server community public RO
Enables SNMP and sets community string and access privileges for public to read-only. Gives users with the public community string read-only access.
5800(config)# snmp-server community private RW
Sets community string and access privileges for private to read-write. Allows users with the private community string to read and write.
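The AAA, RADIUS, SGBP, and SNMP samples in this appendix use placeholder secrets (public, private, mysharedsecret, anything) and an authentication list whose only method is none, all of which must be replaced before a configuration goes into service. The following Python check is an added example, not part of the Cisco guide; it flags those settings in a saved configuration, and the rule names, the 12-character minimum, and the hardened last sample line are assumptions.

```python
import re

# Placeholder secrets that appear in this guide's sample configurations.
SAMPLE_SECRETS = {"public", "private", "mysharedsecret", "anything"}
MIN_SECRET_LEN = 12  # assumption: a local policy threshold, not a Cisco requirement

# Strips a pasted CLI prompt such as "5800(config)# " from the front of a line.
PROMPT_RE = re.compile(r"^\s*[\w.-]+(\([\w-]+\))?[#>]\s*")


def secret_findings(secret, kind):
    """Classify a cleartext secret as a sample value, too short, or acceptable."""
    if secret.lower() in SAMPLE_SECRETS:
        return [f"{kind}-sample-value"]
    if len(secret) < MIN_SECRET_LEN:
        return [f"{kind}-short"]
    return []


def audit_line(line):
    """Return the rule names that one configuration line violates."""
    words = PROMPT_RE.sub("", line).split()
    low = [w.lower() for w in words]
    findings = []
    if low[:2] == ["snmp-server", "community"] and len(words) >= 3:
        options = low[3:]
        if low[2] in SAMPLE_SECRETS:
            findings.append("snmp-default-community")
        if "rw" in options:
            findings.append("snmp-read-write")
        # Assumption: access is restricted with a numbered ACL at the end.
        if not any(opt.isdigit() for opt in options):
            findings.append("snmp-no-acl")
    elif low[:1] in (["radius-server"], ["tacacs-server"]) and "key" in low[1:-1]:
        findings += secret_findings(words[low.index("key", 1) + 1], "server-key")
    elif low[:1] == ["username"] and "password" in low[2:-1]:
        findings += secret_findings(words[-1], "user-password")
    elif low[:2] == ["aaa", "authentication"] and "none" in low[4:]:
        # "none" as the only method means no authentication at all; as a
        # later method it is a fallback that admits users when servers fail.
        only_none = low[4:] == ["none"]
        findings.append("aaa-no-authentication" if only_none else "aaa-none-fallback")
    return findings


def audit_config(text):
    """Return (line number, rule, line) for every finding in a configuration."""
    results = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for rule in audit_line(line):
            results.append((lineno, rule, line.strip()))
    return results


# Constructed sample: lines 1-6 reuse this appendix's sample commands,
# line 7 is a constructed hardened SNMP line (hypothetical string and ACL 10).
SAMPLE_CONFIG = "\n".join([
    "5800(config)# aaa authentication login LOCAL none",
    "5800(config)# aaa authentication login USE-RADIUS group radius local",
    "radius-server host a.b.c.d auth-port x acct-port y key mysharedsecret",
    "5800(config)# username sg-group password anything",
    "5800(config)# snmp-server community public RO",
    "5800(config)# snmp-server community private RW",
    "snmp-server community N0c-r3ad-0nly-9f2c RO 10",
])

if __name__ == "__main__":
    for lineno, rule, line in audit_config(SAMPLE_CONFIG):
        print(f"line {lineno}: {rule}: {line}")
```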
Virtual Profile Configuration
The following Cisco IOS CLI script serves as a sample virtual profile configuration or setup.

Sample Configuration
5800(config)# virtual-profile virtual-template 1
5800(config)# virtual-profile aaa

Command Line Description
5800(config)# virtual-profile virtual-template 1
Enables virtual profiles by virtual interface template.
Multilink Virtual Template Configuration
The following Cisco IOS CLI script serves as a sample multilink virtual template configuration or setup.

Sample Configuration
5800(config)# multilink virtual-template 1
5800(config)# multilink bundle-name both

Command Line Description
5800(config)# multilink virtual-template 1
Defines a virtual template used to clone parameters for a virtual access interface for Multilink PPP.
Command Line Description
5800(config)# interface s 1/0/0:1:23
Defines the serial interface to configure.
5800(config-if)# autodetect encapsulation v120 ppp
Configures the router to automatically switch between ISDN PPP users and ISDN V.120 users. Creates new VTYs for V.120 users to start on.
5800(config-if)# line vty 5 20
Creates new VTYs for V.120 users to start on.
5800(config-line)# transport input v120
Only allows V.
Global Parameter Requisites
None.

Global Parameter Configuration
The following Cisco IOS CLI script serves as sample configurations or setups for global parameters.
5800(config)# ntp server x.x.x.x prefer
Configures NTP server and prefers this peer when possible.
5800(config)# ntp server y.y.y.y
Configures NTP server. Configures the router to sync to the NTP server at y.y.y.y.
Command Line Description
5800(config)# no logging console
Turns off console logging so messages do not appear on the router console. Prevents debug messages from being sent to the console. Flooding of debug messages on the console has an operational impact on the router.
5800(config)# line con 0
Enters console configuration mode.
5800(config)# login authentication CONSOLE
Sets the login authentication for console access.
Show Commands
The show commands are used to look at various information and statistics on the router.
• show version
• show controller {t1}
• show isdn {status | service}
• show modem {summary}
• show ip local pool
• show line summary
• show caller
• show caller user username
• show dial-shelf

Debug Commands
The debug commands are used for isolating and troubleshooting problems on the router.
GLOSSARY

A
AAA
“Triple A,” which stands for authentication, authorization, and accounting, the functions used for security and billing.
access charge
Charges long distance providers pay to local telephone service providers for use of the local network to complete long distance calls.
access line
The circuit between a telephone subscriber and the local switching center.
access server
Communications processor that connects asynchronous devices to a LAN or WAN through network and terminal emulation software.
advertising
Router process in which routing or service updates are sent at specified intervals so that other routers on the network can maintain lists of usable routes.
agent
Firmware embedded or software installed on a device.
agent group
A collection of one or more agents created by a network administrator. The TrafficDirector application handles an agent group as a single agent, allowing you to collectively monitor network statistics from more than one segment or point on a segment.
assigned numbers
RFC [STD2] documents the currently assigned values from several series of numbers used in network protocol implementations. This RFC is updated periodically, and current information can be obtained from the IANA. If you are developing a protocol or application that will require the use of a link, socket, port, protocol, and so forth, contact the IANA to receive a number assignment.
async interface
An asynchronous interface is used to terminate analog (async) dial-in calls.
baseline report
Compares two similar time ranges in one report. A baseline time range is maintained (protected against purge action) so that baseline data is available at report time. The baseline time range can be one to 30 days. You can baseline both detail and summary data, and you can store up to two baseline time ranges. However, the comparison reports run on any two time ranges where data is available.
broadband
A transmission facility having a bandwidth of greater than 20 kHz. Any communications system able to deliver multiple channels or services of video, voice, or data to its users or subscribers over a broad band of RF spectrum.
broadcast address
Special address reserved for sending a message to all stations. Generally, a broadcast address is a MAC destination address of all ones.
circuit
A path for the transmission of electromagnetic signals to include all conditioning and signaling equipment.
circuit switching
The type of signal switching traditionally used by telephone companies to create a physical connection between a caller and a called party.
Cisco IOS
Cisco-proprietary Internetwork Operating System.
Configuration Manager
A TrafficDirector application that allows you to add and configure agents, agent groups, switches, and Frame Relay agents. Configuration Manager also provides a means for installing domains, logging, traps, and resources on a variety of agents including DLCIs and switch ports.
Configuration Rollup (or Config Rollup)
A TrafficDirector application that allows you to define the number of days that different kinds of data are stored in an SQL report database before being deleted.
dial selective signaling (DSS)
A multipoint network in which the called party is selected by a prearranged dialing code.
dial tone (DT)
A tone indicating that automatic switching equipment is ready to receive dial signals.
dialing parity
A company that is not an affiliate of a local phone company is able to provide phone services in such a manner that customers have the ability to route their calls automatically without the use of any access code.
eligible telecommunications carrier
A telecommunications carrier is eligible to receive universal service support if it offers phone service to all customers throughout a service area without preference, and it advertises the available supported services through the mass media.
Email
Electronic mail. Messages are composed on computers and then sent over a network in electronic form to other network users.
G
grade of service (GS)
The probability of a call being blocked by busy trunks, expressed as a decimal fraction, and usually meaning the busy-hour probability.

H
host
On the Internet, a host, or host computer, can serve as both way station and entry point for network users. Hosts serve information to remote users, for example using World Wide Web or Gopher. They also provide access to the Internet for local users, capable of logging in through a particular account.
IP address
The 32-bit address assigned to hosts using TCP/IP. An IP address belongs to one of five classes (A, B, C, D, or E) and is written as four octets separated by periods. This is called dotted decimal format. For example: 172.16.211.0. Each address consists of a network number, an optional subnetwork number, and a host number. The network and subnetwork numbers together are used for routing, and the host number is used to address an individual host within the network or subnetwork.
line signaling
When configuring a router for signaling, line signaling can be used for both inbound and outbound calls. The line signaling configuration must match the corresponding telco switch configuration.
local area network (LAN)
Intraoffice communication system usually used to provide data transmission in addition to voice transmission.
local exchange carrier (LEC)
Any company that is engaged in the provision of telephone exchange service or exchange access.
Multilink virtual template
A virtual template from which the specified Multilink PPP bundle can clone its interface parameters.
multiplexing
Creating multiple channels by interspersing more than one signal over a single relay, such as cable, or microwave.

N
network
A group of stations linked together to broadcast the same program simultaneously. Also used to designate cable program providers.
network element
A facility or the equipment used in the provision of a telecommunications service.
P
packet
A bundle of data packaged for transmission over a network. Packets can be various lengths, ranging from about 40 bytes up to 32,000 bytes on the Internet, but typically about 1,500 bytes in length. The Asynchronous Transfer Mode, a new standard for switching data of various types over private and public networks, specifies a packet of uniform 53 byte length.
personal communication service (PCS)
Wireless technology that offers ways to exchange voice and data.
R
regional Bell operating company (RBOC)
Corporate entities that emerged from the breakup of the AT&T monopoly to own local telephone service in designated geographic regions in the USA.
remote access (ra)
The ability of transmission points to gain access to a computer that is at a different location.
routing protocol
Protocol that accomplishes routing through the implementation of a specific routing algorithm. Examples of routing protocols include RIP, IGRP, EIGRP, OSPF, and BGP.
SONET
Synchronous Optical Network. Specification for a high-speed (up to 2.5 Gbps) synchronous network developed by Bellcore and designed to run on optical fiber. STS-1 is the basic building block of SONET. See also STS-1.
STS-1
Synchronous Transport Signal level 1. Basic building block signal of SONET, operating at 51.84 Mbps. Faster SONET rates are defined at STS-n, where n is a multiple of 51.84 Mbps. See also SONET.
STS-3c
Synchronous Transport Signal level 3, linked together.
T-carrier (T-1)
A 4-wire digital transmission system which carries a 1.544-Mb/s digital bitstream in each direction. When using one of the framed formats (for example, D4 or ESF), T-1 has 1.536 Mb/s available for user data or digitized voice. Usually channelized into 24 voiceband channels using TDM (24 8-bit PCM samples per 193-bit frame).
tip and ring
The two sides of a telephone circuit. The names come from old telephone switch board plugs: the tip wire was connected to the tip of the plug, and the ring wire was connected to the ring at the base of the plug.
topology
Physical arrangement of network nodes and media within an enterprise networking structure.
traffic
Calls being sent and received over a communications network.
W
wide area network (WAN)
An integrated data network linking metropolitan or local networks over common carrier facilities.
World Wide Web (WWW)
The newest and increasingly the most popular service on the Internet, WWW is a “hypertext” information system capable of presenting multimedia information to those with a “direct connection” to the Internet. It requires SL/IP, PPP, or some other dedicated Internet connection and browser software (like Mosaic or Netscape).
I N D E X address pools Symbols See IP address pools ? A-23 advanced configurations IOS command help 1-10 A-2 advanced quick reference A-1 alarm conditions, T1 controllers 2-30 architecture A basic hardware AAA Cisco AS5800 system A-12 debug command authentication basic setup verification A-36 4-24 debug command A-36 authentication command dial-shelf troubleshooting 5-45 3-11 2-16 2-16 router shelf troubleshooting 2-23 5-44 See access server 3-25 AS5814 configuration sample
Index PPP call states, inspecting 3-25, 3-31, 4-30 remote call statistics 4-13 security gathering 4-31 troubleshooting typical lists 3-34 3-49 show caller 3-31 viewing 4-32 authentication, authorization, and accounting See AAA 3-34 3-49 CAM modem connect-speed card, DSC 3-55 2-8 authorization 4-13 card state detection, DSIP configuring 4-34 CCO modem firmware, downloading description 4-13 changes EXEC command mode 4-34 network autoselect during-login command 3-28 3-44
Index Cisco marketing tools CiscoSecure logout 2-29 A-1 A-1 mode changes A-1 CLI script definition PPP multilink A-14 AAA authentication AAA RADIUS server dial interface A-15 A-20 D-channel (ISDN) squeeze 2-18 undoing 1-11 AAA accounting A-22 A-14 AAA authentication finalized operational global parameters IP address pools async interface A-24 line signaling (ISDN) A-9 dial interface egress multilink virtual template routing protocols A-11 A-22 A-3 finalized operational A-1
Index rommon design parameters A-1 user EXEC corporate A-1 user interface IP 1-8 command scripts 1-6 1-6 dial interface AAA accounting egress A-15 AAA authentication A-22 A-3 egress custom A-13 A-3 AAA RADIUS server A-16 finalized operational AAA TACACS server A-16 global parameters async interface D-channel egress loopback A-4 finalized operational global parameters routing protocol A-4 A-17 multilink virtual templates routing protocol A-6 A-31 SGBP A-26 SNMP A-28
Cisco IOS basics dial shelf ID global parameters script 1-19 modems and lines PPP finalized operational script 2-22 line signaling script 3-25 router shelf ID security serial interfaces 2-1 SNMP split dial shelf routers 6-23 system management 1-20 confirming final running-config 2-1, 2-39 SGBP script A-27 SNMP script A-29 T1 ingress script A-8 T3 ingress script A-7 TTY line script A-6 A-30 virtual template script 1-10 controller configuration mode VPDN script A-1 con
debug modem csm command debug ppp authentication command debug q931 command Cisco DS5814 3-10, 3-13 3-29 3-13 debug trunk cas port timeslots command 3-11 descriptions AAA accounting A-14 AAA authentication A-14 AAA RADIUS server A-15 AS5800 memory location async interface dial interface egress IOS image 2-8 PEM installing 5-4 removing 5-4 5-3 show command A-36 dialup networking 3-29 dir flash command disable command A-22 global parameters IP address pools 1-11 display fiel
field-replaceable units E 5-1 fields, CPU utilization display E0 interface 1-8 file system, exploring IOS egress filter module, replacing 7206 router shelf 2-2 A-3 managing 3-4 signal state behavior upgrading 2-22, 4-25 enabling 3-45 3-44 flash memory, Cisco 7206 fragmentation, memory IP basic setup 2-1, 2-35 T1/T3 controllers FreeMem 2-1, 2-26 encapsulation PPP command encrypted passwords end command 2-1, 2-39 3-41 unbundling 3-5 enable password command FRUs 3-27 2-8 2-19
dial shelf IOS upgrade procedures 2-8 DSC card 2-8 matching 2-8 IP 1-7 address pools router shelf IOS A-23 address strategy 2-8 infrastructure checklists 6-5 1-6 basic setup enablement 6-1 ingress configuration design parameters DS5814 dial shelf interface configuring 2-2 domain name 1-2, A-6 1-7 A-8 IPCP configuring options T3 custom configuration A-7 local pool initiating modems, loopback test call show command 3-9 inspecting CPU utilization 2-21 network topolog
AAA authentication AAA authorization egress logout command A-11 interface finalized operational global parameters test call A-35 A-24 A-10 line signaling (ISDN) A-9 maintenance A-17 routing protocols SNMP A-29 3-9, 3-16 5-1 management system, network configurations managing a split dial shelf multilink virtual template A-27 A-4 M A-4 SGBP A-1 A-33 line signaling (CAS) modem pools A-31 marketing tools, Cisco A-5 calculations 2-20 2-17 T3 ingress A-7 Cisco 7206 flash
modem at-mode command numbering scheme 3-15, 3-20 modem autoconfigure command show modemcap command 3-49 modem autoconfigure discovery command modem autoconfigure type command modem operational-status command 3-40 V.34 3-7 V.
AAA accounting script N A-15 AAA authentication script NEMS, IP address 1-7 network dial plan 1-6 protocols 4-2 NOC AAA TACACS server script A-16 A-21 A-11 dial interface script xiii egress script 6-3 topology A-16 D-channel script system documentation service AAA RADIUS server script async interface script network management A-23 A-4 finalized operational script 1-5 global parameters script 2-25 no cdp enable command 3-28 no ip directed-broadcast command line signalin
AC-input power shelf dial shelf provisioning 5-3 PSTN 5-3 router shelf asynchronous connections, testing authentication 3-29 3-25 debug command 4-29 quick reference configurations A-2 3-31 autoselect, enabling call-processing configuring A-22 3-28 debug command multilink command A-23 regulatory compliance xiv remote authentication 4-13 A-36 AAA plan 1-5 troubleshooting D-channel 3-31 ppp authentication command 3-27 4-29, 4-33 2-3 egress A-3 final operational ingres
VPDN AAA accounting A-27 resources AAA authentication allocation documentation AS5814 xiv authentication lists 3-11 D-channel 3-26 route caching statistics A-1 router interfaces A-1 1-7 1-8 router shelf A-22 A-3 A-33 IP Address Pools A-24 line signaling (CAS) A-10 line signaling (ISDN) A-9 loopback 2-2, 2-3 Cisco 7206 documentation configuration sample IOS image xiii 2-14 powering off replacing components restart reason modem pools A-17 multilink virtual template
AAA authentication basic IP enablement A-13 2-1, 2-35 AAA RADIUS server A-16 setup script AAA TACACS server A-16 verifying basic AS5800 async interface D-channel A-26 Cisco 7206 router A-23 2-2 Cisco DS5814 dial A-4 finalized operational global parameters 2-3 shell connections, testing asynchronous EXEC A-9 2-1, 2-36 show bootflash command A-4 show caller command A-17 multilink virtual templates routing protocol 2-2 2-3 shelf/slot/port A-24 loopback interface modem pool
show modem command router configuration 3-11, 3-50 show modem connect-speeds command show modem log command show modem summary command leaving 3-15, 3-20 6-21 transition procedure 3-50 squeeze command 6-16 show modem version command 3-42 show ntp association command 4-4 3-36 3-36 route caching show privilege command 2-22 subnet strategy show terminal command slot notation SNMP buffer 2-8 logging enabling format 1-7 4-4 4-5 architecture 4-7 controller 4-9 2-2 xiii, 2-3
terminal length command Cisco 7206 Installation and Configuration Guide 3-14 testing asynchronous EXEC shell connections three-element notation 2-1, 2-36 2-3 time stamps, configuring xiii transition procedure for split mode 6-19 AS5800 dial shelf 5-44 Cisco IOS Release 12.0 Dial Solutions Command Reference 3-41 6-2 2-12 flow diagrams 4-3 Cisco IOS Release 12.
voice over IP A-32 user-interface command modes username command 1-8, 1-9, A-1 4-32 utilization, inspecting CPU 2-21 utilization display fields, CPU 2-21 V V.120 V.34 A-31 3-7 V.
Index Cisco AS5850 Operations, Administration, Maintenance, and Provisioning Guide 18 OL-0552-01