Software Guide
Page 2
... DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS... MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. All rights reserved. All rights reserved. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING ...
... DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS... MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. All rights reserved. All rights reserved. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING ...
Software Guide
Page 8
Contents D A P P E N D I X INDEX Optional Variables C-4 Using the TFTP Download Command C-5 Configuration Register C-5 Changing the Configuration Register Manually C-6 Changing the Configuration Register Using Prompts C-6 Console Download C-7 Command Description C-7 Error Reporting C-8 Debug Commands C-8 Exiting the ROM Monitor C-9 Common Port Assignments D-1 Cisco Secure Router 520 Series Software Configuration Guide viii OL-14210-01
Contents D A P P E N D I X INDEX Optional Variables C-4 Using the TFTP Download Command C-5 Configuration Register C-5 Changing the Configuration Register Manually C-6 Changing the Configuration Register Using Prompts C-6 Console Download C-7 Command Description C-7 Error Reporting C-8 Debug Commands C-8 Exiting the ROM Monitor C-9 Common Port Assignments D-1 Cisco Secure Router 520 Series Software Configuration Guide viii OL-14210-01
Software Guide
Page 30
...the IP packets. mobile, B - EIGRP, EX - IS-IS, su - IS-IS summary, L1 - For complete information on the Cisco Secure Router 520 Series router is optional. ip classless (default) ip route 192.168.1.0 255.255.255.0 10.10.10.2 ! Perform these steps to.... Step 2 end Example: Router(config)# end Router# Exits router configuration mode, and enters privileged EXEC mode. IS-IS level-1, L2 - They are manually configured on the Fast Ethernet interface to the configured PVC. BGP D - EIGRP external, i - Configuration Example In the following example. RIP, M -...
...the IP packets. mobile, B - EIGRP, EX - IS-IS, su - IS-IS summary, L1 - For complete information on the Cisco Secure Router 520 Series router is optional. ip classless (default) ip route 192.168.1.0 255.255.255.0 10.10.10.2 ! Perform these steps to.... Step 2 end Example: Router(config)# end Router# Exits router configuration mode, and enters privileged EXEC mode. IS-IS level-1, L2 - They are manually configured on the Fast Ethernet interface to the configured PVC. BGP D - EIGRP external, i - Configuration Example In the following example. RIP, M -...
Software Guide
Page 57
The routers can configure your Cisco Secure Router 520 Series router to act as a DHCP server, providing IP address assignment and other TCP/IP-oriented configuration information to each client. As an administrator, you from having to manually assign an IP address to your workstations.... Figure 5-1 Physical and Virtual LANs with DHCP Configured on the Cisco Router 3 1 2 4 92339 1 Fast Ethernet LAN (with multiple networked devices) 2 Router and DHCP server-Cisco Secure Router 520 Series router-connected to ...
The routers can configure your Cisco Secure Router 520 Series router to act as a DHCP server, providing IP address assignment and other TCP/IP-oriented configuration information to each client. As an administrator, you from having to manually assign an IP address to your workstations.... Figure 5-1 Physical and Virtual LANs with DHCP Configured on the Cisco Router 3 1 2 4 92339 1 Fast Ethernet LAN (with multiple networked devices) 2 Router and DHCP server-Cisco Secure Router 520 Series router-connected to ...
Software Guide
Page 60
...all network 10.10.0.0 255.255.255.0 default-router 10.10.10.10 dns-server 192.168.35.2 domain-name cisco.com ! Configure DHCP Chapter 5 Configuring a LAN with DHCP and VLANs Configuration Example The following commands to view your...15419 Address pools 1 Database agents 0 Automatic bindings 0 Manual bindings 0 Expired bindings 0 Malformed messages 0 Secure arp entries 0 Message BOOTREQUEST DHCPDISCOVER DHCPREQUEST DHCPDECLINE DHCPRELEASE DHCPINFORM Received 0 0 0 0 0 0 Leased addresses 0 Cisco Secure Router 520 Series Software Configuration Guide 5-4 OL-14210-01 ip domain ...
...all network 10.10.0.0 255.255.255.0 default-router 10.10.10.10 dns-server 192.168.35.2 domain-name cisco.com ! Configure DHCP Chapter 5 Configuring a LAN with DHCP and VLANs Configuration Example The following commands to view your...15419 Address pools 1 Database agents 0 Automatic bindings 0 Manual bindings 0 Expired bindings 0 Malformed messages 0 Secure arp entries 0 Message BOOTREQUEST DHCPDISCOVER DHCPREQUEST DHCPDECLINE DHCPRELEASE DHCPINFORM Received 0 0 0 0 0 0 Leased addresses 0 Cisco Secure Router 520 Series Software Configuration Guide 5-4 OL-14210-01 ip domain ...
Software Guide
Page 66
...unavailable to configure your application requires creation of multiple VPN tunnels, you must manually configure the IPsec VPN and Network Address Translation/Peer Address Translation (NAT/PAT) parameters on the client site. The Cisco Easy VPN client feature can be created with a network address of 10.1.1.1... is the default configuration and allows only devices at the client site are running Cisco Easy VPN Remote software on an IPsec client, such as an IPsec server. Cisco Secure Router 520 Series Software Configuration Guide 6-2 OL-14210-01 An Easy VPN server-enabled device can...
...unavailable to configure your application requires creation of multiple VPN tunnels, you must manually configure the IPsec VPN and Network Address Translation/Peer Address Translation (NAT/PAT) parameters on the client site. The Cisco Easy VPN client feature can be created with a network address of 10.1.1.1... is the default configuration and allows only devices at the client site are running Cisco Easy VPN Remote software on an IPsec client, such as an IPsec server. Cisco Secure Router 520 Series Software Configuration Guide 6-2 OL-14210-01 An Easy VPN server-enabled device can...
Software Guide
Page 71
...peer, and both sides must specify the same transform set vpn1 Router(config-crypto-map)# OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 6-7 Note With manually established security associations, there is no negotiation with the crypto map entry. Configure the IPsec Crypto Method and...cfg-crypto-trans)# Purpose Defines a transform set-an acceptable combination of IPsec security protocols and algorithms. See the Cisco IOS Security Command Reference for example, IP address). Example: Router(config)# crypto dynamic-map dynmap 1 Router(config-crypto-map)# See ...
...peer, and both sides must specify the same transform set vpn1 Router(config-crypto-map)# OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 6-7 Note With manually established security associations, there is no negotiation with the crypto map entry. Configure the IPsec Crypto Method and...cfg-crypto-trans)# Purpose Defines a transform set-an acceptable combination of IPsec security protocols and algorithms. See the Cisco IOS Security Command Reference for example, IP address). Example: Router(config)# crypto dynamic-map dynmap 1 Router(config-crypto-map)# See ...
Software Guide
Page 82
Note With manually established security associations, there is no negotiation with the crypto map entry. Step 2 crypto ipsec security-association lifetime {seconds seconds | kilobytes kilobytes} Specifies global lifetime values used with the peer, and both sides must specify the same transform set vpn1 Router(config-crypto-map)# Cisco Secure Router 520 Series Software Configuration...
Note With manually established security associations, there is no negotiation with the crypto map entry. Step 2 crypto ipsec security-association lifetime {seconds seconds | kilobytes kilobytes} Specifies global lifetime values used with the peer, and both sides must specify the same transform set vpn1 Router(config-crypto-map)# Cisco Secure Router 520 Series Software Configuration...
Software Guide
Page 138
... (NAT) and PPP/Internet Protocol Control Protocol (IPCP). Because the addressing scheme on an IP network (the DHCP clients) to each client manually. The Easy IP (Phase 1) feature combines NAT and PPP/IPCP. The ability of the same IP address by : • Eliminating the... in this single registered IP address. DHCP frees you from having to assign an IP address to request configuration information from a central site Cisco Secure Router 520 Series Software Configuration Guide B-6 OL-14210-01 Easy IP (Phase 1) Appendix B Concepts Translations can be defined. Easy IP (Phase 2) The...
... (NAT) and PPP/Internet Protocol Control Protocol (IPCP). Because the addressing scheme on an IP network (the DHCP clients) to each client manually. The Easy IP (Phase 1) feature combines NAT and PPP/IPCP. The ability of the same IP address by : • Eliminating the... in this single registered IP address. DHCP frees you from having to assign an IP address to request configuration information from a central site Cisco Secure Router 520 Series Software Configuration Guide B-6 OL-14210-01 Easy IP (Phase 1) Appendix B Concepts Translations can be defined. Easy IP (Phase 2) The...
Software Guide
Page 144
...prompt to on or off in this 60-second window, you must manually boot the operating system from last system return tftp image download unset an alias unset a monitor variable x/ymodem image download Cisco Secure Router 520 Series Software Configuration Guide C-2 OL-14210-01 During this appendix. Timesaver... is 0x0, you can break to NVRAM print out info from the console. The number in ROM monitor and does not boot the Cisco IOS software. ROM Monitor Commands Appendix C ROM Monitor Step 4 Step 5 Command exit reload Purpose Exits global configuration mode. The router ...
...prompt to on or off in this 60-second window, you must manually boot the operating system from last system return tftp image download unset an alias unset a monitor variable x/ymodem image download Cisco Secure Router 520 Series Software Configuration Guide C-2 OL-14210-01 During this appendix. Timesaver... is 0x0, you can break to NVRAM print out info from the console. The number in ROM monitor and does not boot the Cisco IOS software. ROM Monitor Commands Appendix C ROM Monitor Step 4 Step 5 Command exit reload Purpose Exits global configuration mode. The router ...
Software Guide
Page 148
... enable "ignore system config info"? y/n [n]: You must reset or power cycle for new config to take effect Cisco Secure Router 520 Series Software Configuration Guide C-6 OL-14210-01 y/n [n]: y enable "use all zero broadcast"? In either case... = 1200, 3 = 2400 [0]: 0 change console baud rate? Configuration Register Appendix C ROM Monitor Changing the Configuration Register Manually To change the virtual configuration register from the ROM monitor manually, enter the confreg command followed by describing the meaning of each bit. y/n [n]: change the boot characteristics? y/n [n]: y...
... enable "ignore system config info"? y/n [n]: You must reset or power cycle for new config to take effect Cisco Secure Router 520 Series Software Configuration Guide C-6 OL-14210-01 y/n [n]: y enable "use all zero broadcast"? In either case... = 1200, 3 = 2400 [0]: 0 change console baud rate? Configuration Register Appendix C ROM Monitor Changing the Configuration Register Manually To change the virtual configuration register from the ROM monitor manually, enter the confreg command followed by describing the meaning of each bit. y/n [n]: change the boot characteristics? y/n [n]: y...