Software Guide
Page 2
...IS" WITH ALL FAULTS. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. THE SOFTWARE..., INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS...
...IS" WITH ALL FAULTS. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. THE SOFTWARE..., INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS...
Software Guide
Page 8
Contents D A P P E N D I X INDEX Optional Variables C-4 Using the TFTP Download Command C-5 Configuration Register C-5 Changing the Configuration Register Manually C-6 Changing the Configuration Register Using Prompts C-6 Console Download C-7 Command Description C-7 Error Reporting C-8 Debug Commands C-8 Exiting the ROM Monitor C-9 Common Port Assignments D-1 Cisco Secure Router 520 Series Software Configuration Guide viii OL-14210-01
Contents D A P P E N D I X INDEX Optional Variables C-4 Using the TFTP Download Command C-5 Configuration Register C-5 Changing the Configuration Register Manually C-6 Changing the Configuration Register Using Prompts C-6 Console Download C-7 Command Description C-7 Error Reporting C-8 Debug Commands C-8 Exiting the ROM Monitor C-9 Common Port Assignments D-1 Cisco Secure Router 520 Series Software Configuration Guide viii OL-14210-01
Software Guide
Page 30
...end Example: Router(config)# end Router# Exits router configuration mode, and enters privileged EXEC mode. For more general information on the Cisco Secure Router 520 Series router is optional. IS-IS, su - Configuration Example In the following example. static, R - These commands appear automatically ...route for static routes signified by a routing protocol. Static routes are private routes unless they are manually configured on the static routing commands, see the Cisco IOS Release 12.3 documentation set , see verification output similar to the configured PVC. You do...
...end Example: Router(config)# end Router# Exits router configuration mode, and enters privileged EXEC mode. For more general information on the Cisco Secure Router 520 Series router is optional. IS-IS, su - Configuration Example In the following example. static, R - These commands appear automatically ...route for static routes signified by a routing protocol. Static routes are private routes unless they are manually configured on the static routing commands, see the Cisco IOS Release 12.3 documentation set , see verification output similar to the configured PVC. You do...
Software Guide
Page 57
... T E R Configuring a LAN with DHCP and VLANs The Cisco Secure Router 520 Series routers support clients on these networks. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 5-1 DHCP frees you from having to manually assign an IP address to your workstations. The routers can configure ...your Cisco Secure Router 520 Series router to act as a ...
... T E R Configuring a LAN with DHCP and VLANs The Cisco Secure Router 520 Series routers support clients on these networks. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 5-1 DHCP frees you from having to manually assign an IP address to your workstations. The routers can configure ...your Cisco Secure Router 520 Series router to act as a ...
Software Guide
Page 60
... Router# show ip dhcp server statistics Memory usage 15419 Address pools 1 Database agents 0 Automatic bindings 0 Manual bindings 0 Expired bindings 0 Malformed messages 0 Secure arp entries 0 Message BOOTREQUEST DHCPDISCOVER DHCPREQUEST DHCPDECLINE DHCPRELEASE DHCPINFORM Received 0 0 0 0 0 0 Leased addresses 0 Cisco Secure Router 520 Series Software Configuration Guide 5-4 OL-14210-01 ip dhcp pool dpool1 import all network 10...
... Router# show ip dhcp server statistics Memory usage 15419 Address pools 1 Database agents 0 Automatic bindings 0 Manual bindings 0 Expired bindings 0 Malformed messages 0 Secure arp entries 0 Message BOOTREQUEST DHCPDISCOVER DHCPREQUEST DHCPDECLINE DHCPRELEASE DHCPINFORM Received 0 0 0 0 0 0 Leased addresses 0 Cisco Secure Router 520 Series Software Configuration Guide 5-4 OL-14210-01 ip dhcp pool dpool1 import all network 10...
Software Guide
Page 66
...configuration and allows only devices at the client site to act as an IPsec server. Resources at the central site. Cisco Secure Router 520 Series Software Configuration Guide 6-2 OL-14210-01 Easy VPN server-enabled devices allow remote routers to access resources at the... feature supports configuration of multiple VPN tunnels, you must manually configure the IPsec VPN and Network Address Translation/Peer Address Translation (NAT/PAT) parameters on an IPsec client, such as a supported Cisco Secure Router 520 Series router. When the IPsec client initiates the VPN tunnel...
...configuration and allows only devices at the client site to act as an IPsec server. Resources at the central site. Cisco Secure Router 520 Series Software Configuration Guide 6-2 OL-14210-01 Easy VPN server-enabled devices allow remote routers to access resources at the... feature supports configuration of multiple VPN tunnels, you must manually configure the IPsec VPN and Network Address Translation/Peer Address Translation (NAT/PAT) parameters on an IPsec client, such as a supported Cisco Secure Router 520 Series router. When the IPsec client initiates the VPN tunnel...
Software Guide
Page 71
...security associations are negotiated. Example: Router(config-crypto-map)# set transform-set vpn1 Router(config-crypto-map)# OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 6-7 Chapter 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel Configure the IPsec Crypto Method...-map dynamic-map-name dynamic-seq-num Creates a dynamic crypto map entry and enters crypto map configuration mode. Note With manually established security associations, there is no negotiation with the crypto map entry. Example: Router(cfg-crypto-trans)# crypto ipsec security...
...security associations are negotiated. Example: Router(config-crypto-map)# set transform-set vpn1 Router(config-crypto-map)# OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 6-7 Chapter 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel Configure the IPsec Crypto Method...-map dynamic-map-name dynamic-seq-num Creates a dynamic crypto map entry and enters crypto map configuration mode. Note With manually established security associations, there is no negotiation with the crypto map entry. Example: Router(cfg-crypto-trans)# crypto ipsec security...
Software Guide
Page 82
...Action Purpose crypto dynamic-map dynamic-map-name dynamic-seq-num Creates a dynamic crypto map entry, and enters crypto map configuration mode. Note With manually established security associations, there is no negotiation with the crypto map entry. Example: Router(cfg-crypto-trans)# crypto ipsec security-association lifetime seconds 86400... parameters (for detail about this command. Step 2 set transform-set transform-set-name [transform-set-name2...transform-set vpn1 Router(config-crypto-map)# Cisco Secure Router 520 Series Software Configuration Guide 7-6 OL-14210-01
...Action Purpose crypto dynamic-map dynamic-map-name dynamic-seq-num Creates a dynamic crypto map entry, and enters crypto map configuration mode. Note With manually established security associations, there is no negotiation with the crypto map entry. Example: Router(cfg-crypto-trans)# crypto ipsec security-association lifetime seconds 86400... parameters (for detail about this command. Step 2 set transform-set transform-set-name [transform-set-name2...transform-set vpn1 Router(config-crypto-map)# Cisco Secure Router 520 Series Software Configuration Guide 7-6 OL-14210-01
Software Guide
Page 138
... combines Network Address Translation (NAT) and PPP/Internet Protocol Control Protocol (IPCP). DHCP frees you from a central site Cisco Secure Router 520 Series Software Configuration Guide B-6 OL-14210-01 DHCP allows for increased automation and fewer network administration problems by: •...Phase 1) uses existing port-level multiplexed NAT functionality within the Internet, NAT can share a single registered IP address for the manual configuration of addresses from a DHCP server. A static address translation establishes a one-to allocate outside addresses. With NAT, ...
... combines Network Address Translation (NAT) and PPP/Internet Protocol Control Protocol (IPCP). DHCP frees you from a central site Cisco Secure Router 520 Series Software Configuration Guide B-6 OL-14210-01 DHCP allows for increased automation and fewer network administration problems by: •...Phase 1) uses existing port-level multiplexed NAT functionality within the Internet, NAT can share a single registered IP address for the manual configuration of addresses from a DHCP server. A static address translation establishes a one-to allocate outside addresses. With NAT, ...
Software Guide
Page 144
.... The router remains in this 60-second window, you must manually boot the operating system from last system return tftp image download unset an alias unset a monitor variable x/ymodem image download Cisco Secure Router 520 Series Software Configuration Guide C-2 OL-14210-01 See the boot command... in the "Command Descriptions" section in ROM monitor and does not boot the Cisco IOS software. During this appendix. alias boot break ...
.... The router remains in this 60-second window, you must manually boot the operating system from last system return tftp image download unset an alias unset a monitor variable x/ymodem image download Cisco Secure Router 520 Series Software Configuration Guide C-2 OL-14210-01 See the boot command... in the "Command Descriptions" section in ROM monitor and does not boot the Cisco IOS software. During this appendix. alias boot break ...
Software Guide
Page 148
...is written into NVRAM but does not take effect rommon 2 > The value is written into NVRAM but does not take effect Cisco Secure Router 520 Series Software Configuration Guide C-6 OL-14210-01 y/n [n]: enable "break/abort has effect"? y/n [n]: You must reset or ... Monitor do you reset or reboot the router. Configuration Register Appendix C ROM Monitor Changing the Configuration Register Manually To change the virtual configuration register from the ROM monitor manually, enter the confreg command followed by describing the meaning of each bit. y/n [n]: y enable "diagnostic mode...
...is written into NVRAM but does not take effect rommon 2 > The value is written into NVRAM but does not take effect Cisco Secure Router 520 Series Software Configuration Guide C-6 OL-14210-01 y/n [n]: enable "break/abort has effect"? y/n [n]: You must reset or ... Monitor do you reset or reboot the router. Configuration Register Appendix C ROM Monitor Changing the Configuration Register Manually To change the virtual configuration register from the ROM monitor manually, enter the confreg command followed by describing the meaning of each bit. y/n [n]: y enable "diagnostic mode...