Software Guide
Page 3
...Interfaces 1-4 Configure WAN Interfaces 1-4 Configure the Fast Ethernet WAN Interface 1-5 Configure the ATM WAN Interface 1-5 Configure the Wireless Interface 1-6 Configuring a Loopback Interface 1-6 Configuration Example 1-7 Verifying Your Configuration 1-7 Configuring Command-Line Access to the Router 1-8 Configuration Example 1-9 Configuring Static Routes 1-10 Configuration Example 1-10 Verifying Your Configuration 1-10 Configuring Dynamic Routes 1-11 Configuring RIP 1-11 Configuration Example 1-12 Verifying Your Configuration 1-12 Cisco Secure Router 520 Series Software Configuration Guide...
...Interfaces 1-4 Configure WAN Interfaces 1-4 Configure the Fast Ethernet WAN Interface 1-5 Configure the ATM WAN Interface 1-5 Configure the Wireless Interface 1-6 Configuring a Loopback Interface 1-6 Configuration Example 1-7 Verifying Your Configuration 1-7 Configuring Command-Line Access to the Router 1-8 Configuration Example 1-9 Configuring Static Routes 1-10 Configuration Example 1-10 Verifying Your Configuration 1-10 Configuring Dynamic Routes 1-11 Configuring RIP 1-11 Configuration Example 1-12 Verifying Your Configuration 1-12 Cisco Secure Router 520 Series Software Configuration Guide...
Software Guide
Page 21
... the commands used in the following sections: • Viewing the Default Configuration • Information Needed for configuring the basic parameters of your Cisco router, including global parameter settings, routing protocols, interfaces, and command-line access using the CLI. These routers provide advanced security features that include secure Virtual Private Network (VPN) access and comprehensive threat defense with up to 50 users and teleworkers who want secure connectivity to corporate LANs and to access global configuration mode, see the Cisco IOS Release 12.3 documentation set.
... the commands used in the following sections: • Viewing the Default Configuration • Information Needed for configuring the basic parameters of your Cisco router, including global parameter settings, routing protocols, interfaces, and command-line access using the CLI. These routers provide advanced security features that include secure Virtual Private Network (VPN) access and comprehensive threat defense with up to 50 users and teleworkers who want secure connectivity to corporate LANs and to access global configuration mode, see the Cisco IOS Release 12.3 documentation set.
Software Guide
Page 22
... planned network scenario, prior to obtain your IP address, or you are setting up , some basic configuration has already been performed. Viewing the Default Configuration Chapter 1 Basic Router Configuration Viewing the Default Configuration When the router first boots up an Internet connection, gather the following information: - Step 2 Use the show running-config command to enter the privileged EXEC mode. Determine the number of the LAN and WAN interfaces have been created, console and VTY ports are typically virtual...
... planned network scenario, prior to obtain your IP address, or you are setting up , some basic configuration has already been performed. Viewing the Default Configuration Chapter 1 Basic Router Configuration Viewing the Default Configuration When the router first boots up an Internet connection, gather the following information: - Step 2 Use the show running-config command to enter the privileged EXEC mode. Determine the number of the LAN and WAN interfaces have been created, console and VTY ports are typically virtual...
Software Guide
Page 24
... creating VLANs, see the Cisco IOS Release 12.3 documentation set. Specifies an encrypted password to prevent unauthorized access to other VLANs if desired. Disables the router from translating unfamiliar words (typos) into IP addresses. The Cisco Secure Router 520 ADSL-over-POTS and Cisco Secure Router 520 ADSL-over-ISDN routers have one ATM interface for WAN connection. Cisco Secure Router 520 Series Software Configuration Guide 1-4 OL-14210-01 Configure WAN Interfaces The Cisco Secure Router 520 Ethernet-to-Ethernet routers have one Fast Ethernet interface for WAN...
... creating VLANs, see the Cisco IOS Release 12.3 documentation set. Specifies an encrypted password to prevent unauthorized access to other VLANs if desired. Disables the router from translating unfamiliar words (typos) into IP addresses. The Cisco Secure Router 520 ADSL-over-POTS and Cisco Secure Router 520 ADSL-over-ISDN routers have one ATM interface for WAN connection. Cisco Secure Router 520 Series Software Configuration Guide 1-4 OL-14210-01 Configure WAN Interfaces The Cisco Secure Router 520 Ethernet-to-Ethernet routers have one Fast Ethernet interface for WAN...
Software Guide
Page 28
... to the router, beginning in global configuration mode: Step 1 Command line [aux | console | tty | vty] line-number Example: Router(config)# line console 0 Router(config-line)# Step 2 password password Example: Router(config-line)# password 5dr4Hepw3 Router(config-line)# Step 3 login Example: Router(config-line)# login Router(config-line)# Step 4 exec-timeout minutes [seconds] Example: Router(config-line)# exec-timeout 5 30 Router(config-line)# Purpose Enters line configuration mode, and specifies the type of line. Cisco Secure Router 520 Series Software Configuration Guide 1-8 OL...
... to the router, beginning in global configuration mode: Step 1 Command line [aux | console | tty | vty] line-number Example: Router(config)# line console 0 Router(config-line)# Step 2 password password Example: Router(config-line)# password 5dr4Hepw3 Router(config-line)# Step 3 login Example: Router(config-line)# login Router(config-line)# Step 4 exec-timeout minutes [seconds] Example: Router(config-line)# exec-timeout 5 30 Router(config-line)# Purpose Enters line configuration mode, and specifies the type of line. Cisco Secure Router 520 Series Software Configuration Guide 1-8 OL...
Software Guide
Page 29
... 1 (default) line vty 0 4 password secret login ! Enables password checking at the virtual terminal session login. Configuration Example The following configuration shows the command-line access commands. For complete information about the command line commands, see the Cisco IOS Release 12.3 documentation set. Specifies a virtual terminal for the virtual terminal line. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 1-9 Exits line configuration mode, and returns to global configuration mode. These commands appear automatically in the configuration file...
... 1 (default) line vty 0 4 password secret login ! Enables password checking at the virtual terminal session login. Configuration Example The following configuration shows the command-line access commands. For complete information about the command line commands, see the Cisco IOS Release 12.3 documentation set. Specifies a virtual terminal for the virtual terminal line. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 1-9 Exits line configuration mode, and returns to global configuration mode. These commands appear automatically in the configuration file...
Software Guide
Page 31
... per-user static route o - candidate default, U - Changes in dynamic routes are shared with other routers in global configuration mode: Step 1 Command router rip Example: Router# configure terminal Router(config)# router rip Router(config-router)# Task Enters router configuration mode, and enables RIP on the router, beginning in the network. You can use of networks on network traffic or topology. Example: Router(config-router)# version 2 Router(config-router)# Step 3 network ip-address Example: Router(config-router)# network 192.168.1.1 Router(config-router)# network...
... per-user static route o - candidate default, U - Changes in dynamic routes are shared with other routers in global configuration mode: Step 1 Command router rip Example: Router# configure terminal Router(config)# router rip Router(config-router)# Task Enters router configuration mode, and enables RIP on the router, beginning in the network. You can use of networks on network traffic or topology. Example: Router(config-router)# version 2 Router(config-router)# Step 3 network ip-address Example: Router(config-router)# network 192.168.1.1 Router(config-router)# network...
Software Guide
Page 41
... be set, see the Cisco IOS Security Command Reference. dialer pool number Example: Router(config-if)# dialer pool 1 Router(config-if)# Specifies the dialer pool to use to connect to a dialer group (1-10). Step 8 exit Exits the dialer 0 interface configuration. Step 10 ip route prefix mask {interface-type interface-number} Example: Router(config)# ip route 10.10.25.2 255.255.255.255 dialer 0 Router(config)# Sets the IP route for the default gateway for either static or dynamic address translations. Packets that can configure NAT for...
... be set, see the Cisco IOS Security Command Reference. dialer pool number Example: Router(config-if)# dialer pool 1 Router(config-if)# Specifies the dialer pool to use to connect to a dialer group (1-10). Step 8 exit Exits the dialer 0 interface configuration. Step 10 ip route prefix mask {interface-type interface-number} Example: Router(config)# ip route 10.10.25.2 255.255.255.255 dialer 0 Router(config)# Sets the IP route for the default gateway for either static or dynamic address translations. Packets that can configure NAT for...
Software Guide
Page 58
... hostnames (names without a dotted-decimal domain name). VLANs The Cisco Secure Router 520 Series routers support four Fast Ethernet ports on which you have not performed these steps to configure your router. Step 2 ip name-server server-address1 [server-address2...server-address6] Example: Specifies the address of the user's physical location or LAN connection. VLANs enable networks to be segmented and formed into logical groups of users, regardless of one or more Domain Name System (DNS) servers to DHCP clients.
... hostnames (names without a dotted-decimal domain name). VLANs The Cisco Secure Router 520 Series routers support four Fast Ethernet ports on which you have not performed these steps to configure your router. Step 2 ip name-server server-address1 [server-address2...server-address6] Example: Specifies the address of the user's physical location or LAN connection. VLANs enable networks to be segmented and formed into logical groups of users, regardless of one or more Domain Name System (DNS) servers to DHCP clients.
Software Guide
Page 81
... | reverse-access | configuration} {default | network-related service requests, including PPP, list-name} [method1 [method2...]] and the method used . This example implements a username of cisco with an encrypted password of selected users at both peers' configurations. During IKE negotiations, the peers search in global configuration mode: Step 1 Command or Action aaa new-model Purpose Enables the AAA access control model. See the Cisco IOS Security Configuration Guide and the Cisco IOS Security Command Reference for details. You could also use a particular transform set is...
... | reverse-access | configuration} {default | network-related service requests, including PPP, list-name} [method1 [method2...]] and the method used . This example implements a username of cisco with an encrypted password of selected users at both peers' configurations. During IKE negotiations, the peers search in global configuration mode: Step 1 Command or Action aaa new-model Purpose Enables the AAA access control model. See the Cisco IOS Security Configuration Guide and the Cisco IOS Security Command Reference for details. You could also use a particular transform set is...
Software Guide
Page 116
For this reason, use debug commands only to troubleshoot specific problems. The best time to diagnose problems in an ATM network. You can render your router unusable. The no form of this command disables debugging output. Example 12-5 shows an ADSL line that is not communicating correctly. The no form of this command disables debugging output. If the interface is successfully communicating with the DSLAM, the modem state is...
For this reason, use debug commands only to troubleshoot specific problems. The best time to diagnose problems in an ATM network. You can render your router unusable. The no form of this command disables debugging output. Example 12-5 shows an ADSL line that is not communicating correctly. The no form of this command disables debugging output. If the interface is successfully communicating with the DSLAM, the modem state is...
Software Guide
Page 121
... the password recovery process by performing the steps in the "Reset the Configuration Register Value" section. Router(config)# config-reg value OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 12-11 Configuration changes can be made only in enable mode: Router> enable The prompt changes to the privileged EXEC prompt: Router# Enter the show startup-config command to display an enable password in the configuration file: Router# show startup-config If you recorded. Chapter 12 Troubleshooting Recovering a Lost Password Step...
... the password recovery process by performing the steps in the "Reset the Configuration Register Value" section. Router(config)# config-reg value OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 12-11 Configuration changes can be made only in enable mode: Router> enable The prompt changes to the privileged EXEC prompt: Router# Enter the show startup-config command to display an enable password in the configuration file: Router# show startup-config If you recorded. Chapter 12 Troubleshooting Recovering a Lost Password Step...
Software Guide
Page 125
... "Sample Network Deployments" • One of PC you are already familiar with Windows software), ProComm Plus OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide A-1 Table A-1 Terminal Emulation Software PC Operating System Windows 95, Windows 98, Windows 2000, Windows NT, Windows XP Software HyperTerm (included with Cisco IOS software, go to your router. This appendix contains the following sections: • Configuring the Router from a PC connected through the console port using . Table A-1 lists some common types of this software, which are using...
... "Sample Network Deployments" • One of PC you are already familiar with Windows software), ProComm Plus OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide A-1 Table A-1 Terminal Emulation Software PC Operating System Windows 95, Windows 98, Windows 2000, Windows NT, Windows XP Software HyperTerm (included with Cisco IOS software, go to your router. This appendix contains the following sections: • Configuring the Router from a PC connected through the console port using . Table A-1 lists some common types of this software, which are using...
Software Guide
Page 127
... or • To exit to this mode should be protected with a specific interface, such as interface atm 0) from user EXEC mode. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide A-3 Appendix A Cisco IOS Software Basic Skills Understanding Command Modes Table A-2 Command Modes Summary Mode User EXEC Access Method Begin a session with the interface command. Prompt Router> Privileged EXEC Enter the enable command from global configuration mode. Also, you can access the following • To enter interface modes, which are described later in this...
... or • To exit to this mode should be protected with a specific interface, such as interface atm 0) from user EXEC mode. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide A-3 Appendix A Cisco IOS Software Basic Skills Understanding Command Modes Table A-2 Command Modes Summary Mode User EXEC Access Method Begin a session with the interface command. Prompt Router> Privileged EXEC Enter the enable command from global configuration mode. Also, you can access the following • To enter interface modes, which are described later in this...
Software Guide
Page 128
... Arrow key for more commands. enter the exit command. • To exit to privileged EXEC mode, enter the end command, or press Ctrl-Z. For a list of available commands at that command mode, enter a question mark: Router> ? Getting Help Appendix A Cisco IOS Software Basic Skills Table A-2 Command Modes Summary (continued) Mode Router configuration Access Method Prompt Enter one of the router commands followed by a question mark (with the desired line number and optional line type, for example, line 0, from global configuration mode.
... Arrow key for more commands. enter the exit command. • To exit to privileged EXEC mode, enter the end command, or press Ctrl-Z. For a list of available commands at that command mode, enter a question mark: Router> ? Getting Help Appendix A Cisco IOS Software Basic Skills Table A-2 Command Modes Summary (continued) Mode Router configuration Access Method Prompt Enter one of the router commands followed by a question mark (with the desired line number and optional line type, for example, line 0, from global configuration mode.
Software Guide
Page 138
... static or dynamic. NAT is a client-server protocol that do not need to automatically negotiate its own registered WAN interface IP address from the ISP router. DHCP is configured on the inside network and the outside addresses. The Easy IP (Phase 1) feature combines NAT and PPP/IPCP. The ability of multiple LAN devices to use of addresses from a central site Cisco Secure Router 520 Series Software Configuration Guide B-6 OL-14210-01 Allocation occurs in this type of contiguous address blocks...
... static or dynamic. NAT is a client-server protocol that do not need to automatically negotiate its own registered WAN interface IP address from the ISP router. DHCP is configured on the inside network and the outside addresses. The Easy IP (Phase 1) feature combines NAT and PPP/IPCP. The ability of multiple LAN devices to use of addresses from a central site Cisco Secure Router 520 Series Software Configuration Guide B-6 OL-14210-01 Allocation occurs in this type of contiguous address blocks...
Software Guide
Page 143
... or reset. Resets the configuration register. Enters global configuration mode. If there is powered up in ROM monitor mode the next time it is connected to initialize the processor hardware and boot the operating system software. ROM Monitor C A P P E N D I X The ROM monitor firmware runs when the router is no Cisco IOS software image loaded on the router, the ROM monitor runs the router. The firmware helps to the router over the console port. You can use...
... or reset. Resets the configuration register. Enters global configuration mode. If there is powered up in ROM monitor mode the next time it is connected to initialize the processor hardware and boot the operating system software. ROM Monitor C A P P E N D I X The ROM monitor firmware runs when the router is no Cisco IOS software image loaded on the router, the ROM monitor runs the router. The firmware helps to the router over the console port. You can use...
Software Guide
Page 146
... using the tftpdnld command: Variable Command Configures how the router displays file download progress. IP_ADDRESS= ip_address Subnet mask of the router. IP_SUBNET_MASK= ip_address IP address of the default gateway of the router. MAC address 00:00:0c:07:ac:01 Cisco Secure Router 520 Series Software Configuration Guide C-4 OL-14210-01 There are displayed to TFTP_FILE= filename the router. DEFAULT_GATEWAY= ip_address IP address of the TFTP server from which the TFTP_SERVER= ip_address software will be downloaded to indicate file download...
... using the tftpdnld command: Variable Command Configures how the router displays file download progress. IP_ADDRESS= ip_address Subnet mask of the router. IP_SUBNET_MASK= ip_address IP address of the default gateway of the router. MAC address 00:00:0c:07:ac:01 Cisco Secure Router 520 Series Software Configuration Guide C-4 OL-14210-01 There are displayed to TFTP_FILE= filename the router. DEFAULT_GATEWAY= ip_address IP address of the TFTP server from which the TFTP_SERVER= ip_address software will be downloaded to indicate file download...
Software Guide
Page 156
... A-4 reset C-3 ROM monitor C-2 to C-3 ROM monitor debugging C-8, C-9 show atm interface 12-5 show dsl interface atm 4-7 IN-2 Cisco Secure Router 520 Series Software Configuration Guide show interface 12-3 stack C-8 sysret C-8 tftpdnld C-3, C-5 undoing A-6 xmodem C-7 command variables listing A-4 TFTP download C-4 committed access rate See CAR configuration changes making A-5 saving 12-11, A-6 configuration examples command-line access 1-9 DHCP server 5-4 dynamic routes 1-12 PPPoA with NAT 4-9 PPPoE with NAT 3-8 simple firewall 8-5 static route 1-10 VPN with IPsec and GRE 7-9 VPN with IPsec...
... A-4 reset C-3 ROM monitor C-2 to C-3 ROM monitor debugging C-8, C-9 show atm interface 12-5 show dsl interface atm 4-7 IN-2 Cisco Secure Router 520 Series Software Configuration Guide show interface 12-3 stack C-8 sysret C-8 tftpdnld C-3, C-5 undoing A-6 xmodem C-7 command variables listing A-4 TFTP download C-4 committed access rate See CAR configuration changes making A-5 saving 12-11, A-6 configuration examples command-line access 1-9 DHCP server 5-4 dynamic routes 1-12 PPPoA with NAT 4-9 PPPoE with NAT 3-8 simple firewall 8-5 static route 1-10 VPN with IPsec and GRE 7-9 VPN with IPsec...
Software Guide
Page 157
... A-1 static routes 1-10 VLANs 5-1 VPDN group number 3-2 VPNs 6-1, 7-2 WAN interface 1-4 your network, preparing for 1-2 confreg command C-6 connections, setting up 1-2 console download C-7 to C-8 context command C-8 copy running-config startup-config command A-6 copy tftp flash command C-3 corporate network, connecting to 1-2 crypto map, applying to interface 6-8, 7-7 D debug atm commands 12-5 debug atm errors command 12-6 debug atm events command 12-6, 12-7 debug atm packet command 12-7 debug commands, ROM monitor C-8, C-9 default configuration, viewing 1-2 DHCP configuring DHCP server 5-2 OL...
... A-1 static routes 1-10 VLANs 5-1 VPDN group number 3-2 VPNs 6-1, 7-2 WAN interface 1-4 your network, preparing for 1-2 confreg command C-6 connections, setting up 1-2 console download C-7 to C-8 context command C-8 copy running-config startup-config command A-6 copy tftp flash command C-3 corporate network, connecting to 1-2 crypto map, applying to interface 6-8, 7-7 D debug atm commands 12-5 debug atm errors command 12-6 debug atm events command 12-6, 12-7 debug atm packet command 12-7 debug commands, ROM monitor C-8, C-9 default configuration, viewing 1-2 DHCP configuring DHCP server 5-2 OL...