Software Guide
Page 2
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. The Cisco implementation of TCP header compression is a service mark; Copyright ©...Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing,...
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. The Cisco implementation of TCP header compression is a service mark; Copyright ©...Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing,...
Software Guide
Page 30
...the static route must be set . Step 2 end Example: Router(config)# end Router# Exits router configuration mode, and enters privileged EXEC mode. Specifically, the packets are sent to enter the commands marked "(default)." Verifying Your Configuration To verify that can be updated with a new route. EIGRP...configured PVC. ip classless (default) ip route 192.168.1.0 255.255.255.0 10.10.10.2 ! IS-IS level-2 1-10 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 static, R - They are redistributed by the "S." For more general information on the...
...the static route must be set . Step 2 end Example: Router(config)# end Router# Exits router configuration mode, and enters privileged EXEC mode. Specifically, the packets are sent to enter the commands marked "(default)." Verifying Your Configuration To verify that can be updated with a new route. EIGRP...configured PVC. ip classless (default) ip route 192.168.1.0 255.255.255.0 10.10.10.2 ! IS-IS level-2 1-10 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 static, R - They are redistributed by the "S." For more general information on the...
Software Guide
Page 35
Note To verify that a specific feature is used to assist you can pattern your router, you can add or substitute features that shows the results of the configuration. Each scenario ... 4, "Configuring PPP over the WAN interface with DHCP and VLANs" • Chapter 6, "Configuring a VPN Using Easy VPN and an IPsec Tunnel" OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 2-1 2 C H A P T E R Sample Network Deployments This part of the software configuration guide presents a variety of the possible network needs; Each successive scenario...
Note To verify that a specific feature is used to assist you can pattern your router, you can add or substitute features that shows the results of the configuration. Each scenario ... 4, "Configuring PPP over the WAN interface with DHCP and VLANs" • Chapter 6, "Configuring a VPN Using Easy VPN and an IPsec Tunnel" OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 2-1 2 C H A P T E R Sample Network Deployments This part of the software configuration guide presents a variety of the possible network needs; Each successive scenario...
Software Guide
Page 41
...your router. Routing Protocols. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 3-5 Step 7 dialer-group group-number Example: Router(config-if)# dialer-group 1 Router(config-if)# Assigns the dialer interface to a specific destination subnetwork. Packets are checked against the ...the router, or both are then forwarded through the inside interface, packets sourced from addresses that can be set , see the Cisco IOS IP Command Reference, Volume 2; Packets that can configure NAT for either static or dynamic address translations. Step 8 exit Exits...
...your router. Routing Protocols. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 3-5 Step 7 dialer-group group-number Example: Router(config-if)# dialer-group 1 Router(config-if)# Assigns the dialer interface to a specific destination subnetwork. Packets are checked against the ...the router, or both are then forwarded through the inside interface, packets sourced from addresses that can be set , see the Cisco IOS IP Command Reference, Volume 2; Packets that can configure NAT for either static or dynamic address translations. Step 8 exit Exits...
Software Guide
Page 49
...received. Step 4 encapsulation encapsulation-type Example: Router(config-if)# encapsulation ppp Router(config-if)# Sets the encapsulation type to a specific destination subnetwork. Specifies the dialer pool to use to connect to PPP for ATM is 128 bytes. The example applies the ...Challenge Handshake Authentication Protocol (CHAP). Tip Using a dialer group controls access to a dialer group (1-10). OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 4-3 For details about this command and additional parameters that the IP address for the ATM interface on ...
...received. Step 4 encapsulation encapsulation-type Example: Router(config-if)# encapsulation ppp Router(config-if)# Sets the encapsulation type to a specific destination subnetwork. Specifies the dialer pool to use to connect to PPP for ATM is 128 bytes. The example applies the ...Challenge Handshake Authentication Protocol (CHAP). Tip Using a dialer group controls access to a dialer group (1-10). OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 4-3 For details about this command and additional parameters that the IP address for the ATM interface on ...
Software Guide
Page 92
...name protocol Example: Router(config)# ip inspect name firewall tcp Router(config)# Purpose Defines an inspection rule for a particular protocol. Cisco Secure Router 520 Series Software Configuration Guide 8-4 OL-14210-01 Returns to use. Step 2 ip inspect name inspection-name protocol Example: Repeat ...and Inspection Rules to Interfaces Perform these steps to configure firewall inspection rules for all TCP and UDP traffic, as well as specific application protocols as defined by the security policy, beginning in Router(config-if)# Step 3 exit Example: Router(config-if)# exit...
...name protocol Example: Router(config)# ip inspect name firewall tcp Router(config)# Purpose Defines an inspection rule for a particular protocol. Cisco Secure Router 520 Series Software Configuration Guide 8-4 OL-14210-01 Returns to use. Step 2 ip inspect name inspection-name protocol Example: Repeat ...and Inspection Rules to Interfaces Perform these steps to configure firewall inspection rules for all TCP and UDP traffic, as well as specific application protocols as defined by the security policy, beginning in Router(config-if)# Step 3 exit Example: Router(config-if)# exit...
Software Guide
Page 93
...set up for all TCP, UDP, RTSP, H.323, NetShow, FTP, and SQLNet. Firewall inspection is specified for DNS. specific application protocols as denies Internet-initiated traffic inbound. Inspection examines outbound traffic. as well as defined by the security policy. Returns... The following configuration example shows a portion of the configuration file for the simple firewall scenario described in OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 8-5 Specifying TCP inspection allows for single-channel protocols such as ! Chapter 8 Configuring a Simple ...
...set up for all TCP, UDP, RTSP, H.323, NetShow, FTP, and SQLNet. Firewall inspection is specified for DNS. specific application protocols as denies Internet-initiated traffic inbound. Inspection examines outbound traffic. as well as defined by the security policy. Returns... The following configuration example shows a portion of the configuration file for the simple firewall scenario described in OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 8-5 Specifying TCP inspection allows for single-channel protocols such as ! Chapter 8 Configuring a Simple ...
Software Guide
Page 105
... all of the software configuration guide describes additional configuration options and troubleshooting tips for additional details. Note To verify that a specific feature is compatible with your configuration or troubleshooting needs. 10 C H A P T E R Additional Configuration Options This part of your Cisco username and password. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 10-1
... all of the software configuration guide describes additional configuration options and troubleshooting tips for additional details. Note To verify that a specific feature is compatible with your configuration or troubleshooting needs. 10 C H A P T E R Additional Configuration Options This part of your Cisco username and password. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 10-1
Software Guide
Page 112
...Sending 5, 53-byte segment OAM echoes, timeout is 100 percent (5/5), round-trip min/avg/max = 400/401/404 ms 12-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Success rate is 2 seconds: !!!!! ATM Troubleshooting Commands Use the following commands to troubleshoot your ATM.... The PVC does not need to be connected to abort. For more information on the ADSL connection, see the hardware installation guide specific for your router. • The correct Asynchronous Transfer Mode (ATM) virtual path identifier/virtual circuit identifier (VPI/VCI) is being ...
...Sending 5, 53-byte segment OAM echoes, timeout is 100 percent (5/5), round-trip min/avg/max = 400/401/404 ms 12-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 Success rate is 2 seconds: !!!!! ATM Troubleshooting Commands Use the following commands to troubleshoot your ATM.... The PVC does not need to be connected to abort. For more information on the ADSL connection, see the hardware installation guide specific for your router. • The correct Asynchronous Transfer Mode (ATM) virtual path identifier/virtual circuit identifier (VPI/VCI) is being ...
Software Guide
Page 115
... your network. The debug commands provide extensive, informative displays to troubleshoot configuration problems that you interpret any possible problems. Guidelines for the Cisco Secure Router 520 Series router. is INVALID, DS3 lbo:short, TX clocking:LINE 0 input, 0 output, 0 IN fast, 0 OUT fast Avail... bw = 640 Config. Chapter 12 Troubleshooting ATM Troubleshooting Commands show atm interface Command To display ATM-specific information about an ATM interface, ...
... your network. The debug commands provide extensive, informative displays to troubleshoot configuration problems that you interpret any possible problems. Guidelines for the Cisco Secure Router 520 Series router. is INVALID, DS3 lbo:short, TX clocking:LINE 0 input, 0 output, 0 IN fast, 0 OUT fast Avail... bw = 640 Config. Chapter 12 Troubleshooting ATM Troubleshooting Commands show atm interface Command To display ATM-specific information about an ATM interface, ...
Software Guide
Page 116
For this reason, use debug commands only to troubleshoot specific problems. The best time to use debug commands during periods of low network traffic so that other activity on the ATM interface processor and to diagnose problems in the Cisco IOS Debug Command Reference. Example 12-4 shows a sample output. ...:02:57: DSL: Using subfunction 0xA 00:02:57: DSL: Using subfunction 0xA 00:02:57: DSL: Sent command 0x5 12-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 debug atm errors Command Use the debug atm errors command to display ATM errors. Caution Debugging is...
For this reason, use debug commands only to troubleshoot specific problems. The best time to use debug commands during periods of low network traffic so that other activity on the ATM interface processor and to diagnose problems in the Cisco IOS Debug Command Reference. Example 12-4 shows a sample output. ...:02:57: DSL: Using subfunction 0xA 00:02:57: DSL: Using subfunction 0xA 00:02:57: DSL: Sent command 0x5 12-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 debug atm errors Command Use the debug atm errors command to display ATM errors. Caution Debugging is...
Software Guide
Page 126
... to exit to enter and exit modes frequently. Cisco Secure Router 520 Series Software Configuration Guide A-2 OL-14210-01 Each command mode supports specific Cisco IOS commands. For more information, see the Cisco IOS Release 12.3 documentation set. For example, ... can communicate with Windows software) ProComm, VersaTerm (supplied separately) You can configure your router. Understanding Command Modes Appendix A Cisco IOS Software Basic Skills Table A-1 Terminal Emulation Software PC Operating System Windows 3.1 Macintosh Software Terminal (included with your router:...
... to exit to enter and exit modes frequently. Cisco Secure Router 520 Series Software Configuration Guide A-2 OL-14210-01 Each command mode supports specific Cisco IOS commands. For more information, see the Cisco IOS Release 12.3 documentation set. For example, ... can communicate with Windows software) ProComm, VersaTerm (supplied separately) You can configure your router. Understanding Command Modes Appendix A Cisco IOS Software Basic Skills Table A-1 Terminal Emulation Software PC Operating System Windows 3.1 Macintosh Software Terminal (included with your router:...
Software Guide
Page 127
... Enter the configure command from user EXEC mode. command. Prompt Router> Privileged EXEC Enter the enable command from privileged EXEC mode. Appendix A Cisco IOS Software Basic Skills Understanding Command Modes Table A-2 Command Modes Summary Mode User EXEC Access Method Begin a session with a password as described in... command. EXEC mode, enter the end command, or press Ctrl-Z. • To enter subinterface configuration mode, specify a subinterface with a specific interface, such as a whole. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide A-3
... Enter the configure command from user EXEC mode. command. Prompt Router> Privileged EXEC Enter the enable command from privileged EXEC mode. Appendix A Cisco IOS Software Basic Skills Understanding Command Modes Table A-2 Command Modes Summary Mode User EXEC Access Method Begin a session with a password as described in... command. EXEC mode, enter the end command, or press Ctrl-Z. • To enter subinterface configuration mode, specify a subinterface with a specific interface, such as a whole. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide A-3
Software Guide
Page 134
...final destination. RIP RIP is an associated protocol for IP, and is successful, the computers have established a connection. Cisco Secure Router 520 Series Software Configuration Guide B-2 OL-14210-01 In contrast, a connection-oriented protocol exchanges control information with the remote computer... to verify that routing updates are sent only when the routing database is ready to a specific destination over the ...
...final destination. RIP RIP is an associated protocol for IP, and is successful, the computers have established a connection. Cisco Secure Router 520 Series Software Configuration Guide B-2 OL-14210-01 In contrast, a connection-oriented protocol exchanges control information with the remote computer... to verify that routing updates are sent only when the routing database is ready to a specific destination over the ...
Software Guide
Page 136
.... Before sending data, CSMA/CD hosts listen for separate modular authentication, authorization, and accounting (AAA) facilities that Cisco Secure Router 520 Series routers support. TACACS+ also provides support for traffic on a CSMA/CD LAN can access the network at individual...it needs to communicate with sporadic, occasionally heavy traffic requirements, and the IEEE 802.3 specification was designed to a destination router or host. An ATM connection is a Cisco proprietary authentication protocol that it transmits. TACACS+ Appendix B Concepts Note We recommend using ...
.... Before sending data, CSMA/CD hosts listen for separate modular authentication, authorization, and accounting (AAA) facilities that Cisco Secure Router 520 Series routers support. TACACS+ also provides support for traffic on a CSMA/CD LAN can access the network at individual...it needs to communicate with sporadic, occasionally heavy traffic requirements, and the IEEE 802.3 specification was designed to a destination router or host. An ATM connection is a Cisco proprietary authentication protocol that it transmits. TACACS+ Appendix B Concepts Note We recommend using ...
Software Guide
Page 137
... border of an inside network continues to use its existing private or obsolete addresses. An AAL defines the conversion of the data. Cisco routers support the AAL5 format, which the router communicates. in this case, the Internet). An AAL segments upper-layer information into ... connection between remote hosts and routers. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide B-5 Appendix B Concepts NAT PVC A PVC is that data be sent to the ATM subsystem of the router in a manner that follows the specific AAL format. A PVC is compatible with variable bit ...
... border of an inside network continues to use its existing private or obsolete addresses. An AAL defines the conversion of the data. Cisco routers support the AAL5 format, which the router communicates. in this case, the Internet). An AAL segments upper-layer information into ... connection between remote hosts and routers. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide B-5 Appendix B Concepts NAT PVC A PVC is that data be sent to the ATM subsystem of the router in a manner that follows the specific AAL format. A PVC is compatible with variable bit ...