Software Guide
Page 3
... Publications and Information i-xxiii Overview of the Cisco WMIC 1-1 Understanding the Cisco Mobile Wireless Network 1-1 Public Safety Wireless Network Example 1-1 Intersection Example 1-3 Vehicle Network Example 1-4 Data Path Example 1-5 Call Setup Process 1-5 Data Flow to and from the Home Network 1-6 Features 1-7 Management Options 1-10 CONTENTS OL-6415-04 Cisco 3200 Series Wireless MIC Software Configuration Guide iii
... Publications and Information i-xxiii Overview of the Cisco WMIC 1-1 Understanding the Cisco Mobile Wireless Network 1-1 Public Safety Wireless Network Example 1-1 Intersection Example 1-3 Vehicle Network Example 1-4 Data Path Example 1-5 Call Setup Process 1-5 Data Flow to and from the Home Network 1-6 Features 1-7 Management Options 1-10 CONTENTS OL-6415-04 Cisco 3200 Series Wireless MIC Software Configuration Guide iii
Software Guide
Page 11
...a UNIX Syslog Daemon 6-10 Configuring the UNIX System Logging Facility 6-10 Displaying the Logging Configuration 6-11 Tunnel Templates 7-1 Applying the Tunnel Template on the Home Agent 7-1 Applying the Tunnel Template on the Mobile Router 7-2 Example Configuration 7-3 Applying Tunnel Templates to the IPSec Two-box Solution 7-4 Related Documents 7-7 WIMIC...and Event Messages 8-8 Filters 9-1 Understanding Filters 9-1 Configuring Filters 9-2 Simple Network Management Protocol 10-1 Understanding SNMP 10-1 SNMP Versions 10-2 OL-6415-04 Cisco 3200 Series Wireless MIC Software Configuration Guide xi
...a UNIX Syslog Daemon 6-10 Configuring the UNIX System Logging Facility 6-10 Displaying the Logging Configuration 6-11 Tunnel Templates 7-1 Applying the Tunnel Template on the Home Agent 7-1 Applying the Tunnel Template on the Mobile Router 7-2 Example Configuration 7-3 Applying Tunnel Templates to the IPSec Two-box Solution 7-4 Related Documents 7-7 WIMIC...and Event Messages 8-8 Filters 9-1 Understanding Filters 9-1 Configuring Filters 9-2 Simple Network Management Protocol 10-1 Understanding SNMP 10-1 SNMP Versions 10-2 OL-6415-04 Cisco 3200 Series Wireless MIC Software Configuration Guide xi
Software Guide
Page 15
... configure basic settings on the web-based interface pages. "Configuring the WMIC for the networking professional who installs and manages Cisco 3200 Series wireless and mobile routers. This guide does not provide field-level descriptions of wireless local area networks. It does not provide...of the Cisco WMIC" lists the software and hardware features of the web-based interface, which is for the First Time" describes how to install and configure your bridge. OL-6415-04 Cisco 3200 Series Wireless MIC Software Configuration Guide xv On the Cisco Product Documentation home page, ...
... configure basic settings on the web-based interface pages. "Configuring the WMIC for the networking professional who installs and manages Cisco 3200 Series wireless and mobile routers. This guide does not provide field-level descriptions of wireless local area networks. It does not provide...of the Cisco WMIC" lists the software and hardware features of the web-based interface, which is for the First Time" describes how to install and configure your bridge. OL-6415-04 Cisco 3200 Series Wireless MIC Software Configuration Guide xv On the Cisco Product Documentation home page, ...
Software Guide
Page 29
... associated workgroup bridge. 3. Call Setup Process This section describes the processes of call setup and data flow as the Cisco 3200 Series router moves into the home agent. Cisco 3200 Series Wireless MIC Software Configuration Guide 5 When the Cisco 3200 Series router sends traffic over IP (MoIP) tunnel to an authentication, authorization, and accounting (AAA) server. If the mobile router...
... associated workgroup bridge. 3. Call Setup Process This section describes the processes of call setup and data flow as the Cisco 3200 Series router moves into the home agent. Cisco 3200 Series Wireless MIC Software Configuration Guide 5 When the Cisco 3200 Series router sends traffic over IP (MoIP) tunnel to an authentication, authorization, and accounting (AAA) server. If the mobile router...
Software Guide
Page 30
... successfully to a root device. A foreign agent responds to the Cisco 3200 Series router solicitation with nodes on the home network, they send the data to the Cisco 3200 Series router. 1. Data Flow to and from the Home Network The Cisco 3200 Series router is successful. If any devices attached to the Cisco 3200 Series router must be sent through the VPN gateway for encryption...
... successfully to a root device. A foreign agent responds to the Cisco 3200 Series router solicitation with nodes on the home network, they send the data to the Cisco 3200 Series router. 1. Data Flow to and from the Home Network The Cisco 3200 Series router is successful. If any devices attached to the Cisco 3200 Series router must be sent through the VPN gateway for encryption...
Software Guide
Page 96
... ensures confidentiality because all protocol exchanges between the WMIC and the TACACS+ daemon are maintained in this section, see the Cisco IOS Security Command Reference for a single access control server (the TACACS+ daemon) to the root device. The authentication .... Accounting records include administrator identities, start and stop times, executed commands (such as home address, mother's maiden name, service type, and social security number). Cisco 3200 Series Wireless MIC Software Configuration Guide 32 Controlling WMIC Access with TACACS+ Administering the WMIC Controlling...
... ensures confidentiality because all protocol exchanges between the WMIC and the TACACS+ daemon are maintained in this section, see the Cisco IOS Security Command Reference for a single access control server (the TACACS+ daemon) to the root device. The authentication .... Accounting records include administrator identities, start and stop times, executed commands (such as home address, mother's maiden name, service type, and social security number). Cisco 3200 Series Wireless MIC Software Configuration Guide 32 Controlling WMIC Access with TACACS+ Administering the WMIC Controlling...
Software Guide
Page 235
... Tasman Drive, San Jose, CA 95134-1706 USA © 2008 Cisco Systems, Inc. A tunnel template is set to the tunnel template. For example: wd>enable wd>password ! Applying the Tunnel Template on the Home Agent To apply the tunnel template to the tunnels brought up on... tunnel interface and enters interface configuration mode. Enables Mobile IP on statically created tunnels to be enabled from the mobile router to the home agent. Tunnel Templates Tunnel templates allow a mobile router to carry multicast sessions to mobile networks as mobile nodes. wd(config)#interface tunnel...
... Tasman Drive, San Jose, CA 95134-1706 USA © 2008 Cisco Systems, Inc. A tunnel template is set to the tunnel template. For example: wd>enable wd>password ! Applying the Tunnel Template on the Home Agent To apply the tunnel template to the tunnels brought up on... tunnel interface and enters interface configuration mode. Enables Mobile IP on statically created tunnels to be enabled from the mobile router to the home agent. Tunnel Templates Tunnel templates allow a mobile router to carry multicast sessions to mobile networks as mobile nodes. wd(config)#interface tunnel...
Software Guide
Page 236
... sparse-mode ! wd(config)#interface tunnel interfacenumber! The following example displays the active Mobile IP tunnels and the template configuration for the tunnel on the home agent: Router# show ip mobile tunnel command to the tunnels brought up at the mobile router, follow this tunnel: ip pim sparse-dense-mode Tunnel0...
... sparse-mode ! wd(config)#interface tunnel interfacenumber! The following example displays the active Mobile IP tunnels and the template configuration for the tunnel on the home agent: Router# show ip mobile tunnel command to the tunnels brought up at the mobile router, follow this tunnel: ip pim sparse-dense-mode Tunnel0...
Software Guide
Page 237
Home Agent ip multicast-routing ! interface Loopback0 ip address 1.1.1.1 255.255.255.255 ip pim sparse-mode ! ! Tunnel template to be applied to be applied to support the Cisco Mobile Networks-Tunnel Templates for Multicast feature. Select tunnel template to apply during...roam ! router mobile ip pim rp-address 7.7.7.7 ip mobile secure home-agent 1.1.1.1 spi 102 key hex 23456781234567812345678123456781 algorithm md5 mode prefix-suffix ip mobile router address 11.2.0.1 255.255.0.0 home-agent 1.1.1.1 ! Example Configuration Example Configuration In the following example configuration,...
Home Agent ip multicast-routing ! interface Loopback0 ip address 1.1.1.1 255.255.255.255 ip pim sparse-mode ! ! Tunnel template to be applied to be applied to support the Cisco Mobile Networks-Tunnel Templates for Multicast feature. Select tunnel template to apply during...roam ! router mobile ip pim rp-address 7.7.7.7 ip mobile secure home-agent 1.1.1.1 spi 102 key hex 23456781234567812345678123456781 algorithm md5 mode prefix-suffix ip mobile router address 11.2.0.1 255.255.0.0 home-agent 1.1.1.1 ! Example Configuration Example Configuration In the following example configuration,...
Software Guide
Page 238
... 4 This recommendation eliminates the need for policy routing and allows for all traffic that needed encryption. Applying the crypto map to the home address interface. Local-address must be set next hop loopback for all traffic from the mobile router must point to the inner tunnel ... encrypted, all traffic to be used to apply other parameters to the Home Address ! interface EthernetO/O ip address 169.254.255.1 255.255.255.255 ip mobile router-service roam ! Tunnel templates, introduced in Cisco IOS Release 12.2(15)T, add multicast support, but can change and IPSec...
... 4 This recommendation eliminates the need for policy routing and allows for all traffic that needed encryption. Applying the crypto map to the home address interface. Local-address must be set next hop loopback for all traffic from the mobile router must point to the inner tunnel ... encrypted, all traffic to be used to apply other parameters to the Home Address ! interface EthernetO/O ip address 169.254.255.1 255.255.255.255 ip mobile router-service roam ! Tunnel templates, introduced in Cisco IOS Release 12.2(15)T, add multicast support, but can change and IPSec...
Software Guide
Page 239
... the show ip mobile router Mobile Router Enabled 10/18/05 18:50:54 Last redundancy state transition NEVER Configuration: Home Address 192.168.100.10 Mask 255.255.255.0 Home Agent 192.168.1.2 Priority 100 (best) (current) Registration lifetime 65534 sec Retransmit Init 1000, Max 5000 msec, ... template Tunnel99 ! ! end Validating the Configuration The configuration can be enabled or traffic will not exit via the tunnel ! ip mobile secure home-agent 192.168.1.2 spi 100 key hex 1234567890abcdef1234567890abcdef algorithm md5 mode prefix-suffix ip mobile router address 192.168.100.10 255.255.255...
... the show ip mobile router Mobile Router Enabled 10/18/05 18:50:54 Last redundancy state transition NEVER Configuration: Home Address 192.168.100.10 Mask 255.255.255.0 Home Agent 192.168.1.2 Priority 100 (best) (current) Registration lifetime 65534 sec Retransmit Init 1000, Max 5000 msec, ... template Tunnel99 ! ! end Validating the Configuration The configuration can be enabled or traffic will not exit via the tunnel ! ip mobile secure home-agent 192.168.1.2 spi 100 key hex 1234567890abcdef1234567890abcdef algorithm md5 mode prefix-suffix ip mobile router address 192.168.100.10 255.255.255...
Software Guide
Page 241
For information on configuring Mobile IP using Cisco IOS software, refer to configure assembled Cisco 3200 Series routers. • Cisco 3200 Series Mobile Access Router Hardware Reference1-This document. It provides descriptions of the Cisco MIC I/O cards found at: http://www.cisco.com/en/US/products/sw/iosswrel/products_ios_cisco_ios_software_releases.html or http://www.cisco.com/en/US/products/sw/iosswrel/ps5012/ps4629...
For information on configuring Mobile IP using Cisco IOS software, refer to configure assembled Cisco 3200 Series routers. • Cisco 3200 Series Mobile Access Router Hardware Reference1-This document. It provides descriptions of the Cisco MIC I/O cards found at: http://www.cisco.com/en/US/products/sw/iosswrel/products_ios_cisco_ios_software_releases.html or http://www.cisco.com/en/US/products/sw/iosswrel/ps5012/ps4629...
Software Guide
Page 283
...information) • Root devices are configured to allow unauthenticated traffic only to home agent • Modem over IP (MoIP) in foreign agent mode • Cisco-compatible client devices that comply with Cisco Compatible eXtensions (CCX) version 2 or later Configuring the WMIC to use WDS... to Support Fast Secure Roaming The WDS access point and all access points participating in CCKM. On your authentication server. Cisco 3200 Series Wireless MIC Software Configuration Guide 5 Configuring the Authentication Server to communicate with the WDS access point, and it authenticates to...
...information) • Root devices are configured to allow unauthenticated traffic only to home agent • Modem over IP (MoIP) in foreign agent mode • Cisco-compatible client devices that comply with Cisco Compatible eXtensions (CCX) version 2 or later Configuring the WMIC to use WDS... to Support Fast Secure Roaming The WDS access point and all access points participating in CCKM. On your authentication server. Cisco 3200 Series Wireless MIC Software Configuration Guide 5 Configuring the Authentication Server to communicate with the WDS access point, and it authenticates to...
Software Guide
Page 288
... on Mobile IP configuration commands. To enable blocking of client traffic during authentication, enter the command without the non-blocking keyword. Cisco 3200 Series Wireless MIC Software Configuration Guide 10 The no ] aaa authentication login group rad_eap where is The authentication network-eap command allows traffic.../ios123/123cgcr/ibm_r1/ib1_a1g.pdf for details on an access point to allow clients to send traffic to a home agent only. Refer to http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_7/gtfamoip.htm for details on configuring access control...
... on Mobile IP configuration commands. To enable blocking of client traffic during authentication, enter the command without the non-blocking keyword. Cisco 3200 Series Wireless MIC Software Configuration Guide 10 The no ] aaa authentication login group rad_eap where is The authentication network-eap command allows traffic.../ios123/123cgcr/ibm_r1/ib1_a1g.pdf for details on an access point to allow clients to send traffic to a home agent only. Refer to http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_7/gtfamoip.htm for details on configuring access control...
Software Guide
Page 306
... operation 10-2, 10-3 get-request operation 10-2, 10-3 get-response operation 10-2 GPRS 1-4 group key updates 3-23 H history table, level and number of syslog messages 6-8 home agent tunnel template 7-1 host name, ARPANET rules 4-1 hostname command 4-1 I IAPP messaging 3-6 IN-4 Cisco 3200 Series Wireless MIC Software Configuration Guide OL-6415-04
... operation 10-2, 10-3 get-request operation 10-2, 10-3 get-response operation 10-2 GPRS 1-4 group key updates 3-23 H history table, level and number of syslog messages 6-8 home agent tunnel template 7-1 host name, ARPANET rules 4-1 hostname command 4-1 I IAPP messaging 3-6 IN-4 Cisco 3200 Series Wireless MIC Software Configuration Guide OL-6415-04