Software Guide
Page 1
Cisco Secure Router 520 Series Software Configuration Guide Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 Customer Order Number: Text Part Number: OL-14210-01
Cisco Secure Router 520 Series Software Configuration Guide Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 Customer Order Number: Text Part Number: OL-14210-01
Software Guide
Page 3
...Interfaces 1-4 Configure WAN Interfaces 1-4 Configure the Fast Ethernet WAN Interface 1-5 Configure the ATM WAN Interface 1-5 Configure the Wireless Interface 1-6 Configuring a Loopback Interface 1-6 Configuration Example 1-7 Verifying Your Configuration 1-7 Configuring Command-Line Access to the Router 1-8 Configuration Example 1-9 Configuring Static Routes 1-10 Configuration Example 1-10 Verifying Your Configuration 1-10 Configuring Dynamic Routes 1-11 Configuring RIP 1-11 Configuration Example 1-12 Verifying Your Configuration 1-12 Cisco Secure Router 520 Series Software Configuration Guide...
...Interfaces 1-4 Configure WAN Interfaces 1-4 Configure the Fast Ethernet WAN Interface 1-5 Configure the ATM WAN Interface 1-5 Configure the Wireless Interface 1-6 Configuring a Loopback Interface 1-6 Configuration Example 1-7 Verifying Your Configuration 1-7 Configuring Command-Line Access to the Router 1-8 Configuration Example 1-9 Configuring Static Routes 1-10 Configuration Example 1-10 Verifying Your Configuration 1-10 Configuring Dynamic Routes 1-11 Configuring RIP 1-11 Configuration Example 1-12 Verifying Your Configuration 1-12 Cisco Secure Router 520 Series Software Configuration Guide...
Software Guide
Page 4
... 5-1 Configure DHCP 5-2 Configuration Example 5-4 Verify Your DHCP Configuration 5-4 Configure VLANs 5-5 Assign a Switch Port to a VLAN 5-6 Verify Your VLAN Configuration 5-6 6 C H A P T E R Configuring a VPN Using Easy VPN and an IPsec Tunnel 6-1 Configure the IKE Policy 6-3 Configure Group Policy Information 6-4 Apply Mode Configuration to the Crypto Map 6-5 Enable Policy Lookup 6-6 Configure IPsec Transforms and Protocols 6-6 Configure the IPsec Crypto Method and Parameters 6-7 Cisco Secure Router 520 Series...
... 5-1 Configure DHCP 5-2 Configuration Example 5-4 Verify Your DHCP Configuration 5-4 Configure VLANs 5-5 Assign a Switch Port to a VLAN 5-6 Verify Your VLAN Configuration 5-6 6 C H A P T E R Configuring a VPN Using Easy VPN and an IPsec Tunnel 6-1 Configure the IKE Policy 6-3 Configure Group Policy Information 6-4 Apply Mode Configuration to the Crypto Map 6-5 Enable Policy Lookup 6-6 Configure IPsec Transforms and Protocols 6-6 Configure the IPsec Crypto Method and Parameters 6-7 Cisco Secure Router 520 Series...
Software Guide
Page 5
... Access Lists and Inspection Rules to Interfaces 8-4 Configuration Example 8-5 Configuring a Wireless LAN Connection 9-1 Configure the Root Radio Station 9-2 Configure Bridging on VLANs 9-4 Configure Radio Station Subinterfaces 9-5 Configuration Example 9-6 Configuring Additional Features and Troubleshooting Additional Configuration Options 10-1 Configuring Security Features 11-1 Authentication, Authorization, and Accounting 11-1 Configuring AutoSecure 11-2 Configuring Access Lists 11-2 Access Groups 11-3 Cisco Secure Router 520 Series Software Configuration Guide v
... Access Lists and Inspection Rules to Interfaces 8-4 Configuration Example 8-5 Configuring a Wireless LAN Connection 9-1 Configure the Root Radio Station 9-2 Configure Bridging on VLANs 9-4 Configure Radio Station Subinterfaces 9-5 Configuration Example 9-6 Configuring Additional Features and Troubleshooting Additional Configuration Options 10-1 Configuring Security Features 11-1 Authentication, Authorization, and Accounting 11-1 Configuring AutoSecure 11-2 Configuring Access Lists 11-2 Access Groups 11-3 Cisco Secure Router 520 Series Software Configuration Guide v
Software Guide
Page 6
... 12-11 Reset the Configuration Register Value 12-11 Reference Information Cisco IOS Software Basic Skills A-1 Configuring the Router from a PC A-1 Understanding Command Modes A-2 Getting Help A-4 Enable Secret Passwords and Enable Passwords A-4 Entering Global Configuration Mode A-5 Using Commands A-5 Abbreviating Commands A-6 Undoing Commands A-6 Command-Line Error Messages A-6 Cisco Secure Router 520 Series Software Configuration Guide vi OL-14210...
... 12-11 Reset the Configuration Register Value 12-11 Reference Information Cisco IOS Software Basic Skills A-1 Configuring the Router from a PC A-1 Understanding Command Modes A-2 Getting Help A-4 Enable Secret Passwords and Enable Passwords A-4 Entering Global Configuration Mode A-5 Using Commands A-5 Abbreviating Commands A-6 Undoing Commands A-6 Command-Line Error Messages A-6 Cisco Secure Router 520 Series Software Configuration Guide vi OL-14210...
Software Guide
Page 7
Contents B A P P E N D I X C C H A P T E R OL-14210-01 Saving Configuration Changes A-6 Summary A-7 Where to Go Next A-7 Concepts B-1 ADSL B-1 Network Protocols B-2 IP B-2 Routing Protocol Options B-2 RIP B-2 PPP Authentication Protocols B-3 PAP B-3 CHAP B-3 TACACS+ B-4 Network Interfaces B-4 Ethernet B-4 ATM... Queuing B-8 Access Lists B-9 ROM Monitor C-1 Entering the ROM Monitor C-1 ROM Monitor Commands C-2 Command Descriptions C-3 Disaster Recovery with TFTP Download C-3 TFTP Download Command Variables C-4 Required Variables C-4 Cisco Secure Router 520 Series Software Configuration Guide vii
Contents B A P P E N D I X C C H A P T E R OL-14210-01 Saving Configuration Changes A-6 Summary A-7 Where to Go Next A-7 Concepts B-1 ADSL B-1 Network Protocols B-2 IP B-2 Routing Protocol Options B-2 RIP B-2 PPP Authentication Protocols B-3 PAP B-3 CHAP B-3 TACACS+ B-4 Network Interfaces B-4 Ethernet B-4 ATM... Queuing B-8 Access Lists B-9 ROM Monitor C-1 Entering the ROM Monitor C-1 ROM Monitor Commands C-2 Command Descriptions C-3 Disaster Recovery with TFTP Download C-3 TFTP Download Command Variables C-4 Required Variables C-4 Cisco Secure Router 520 Series Software Configuration Guide vii
Software Guide
Page 8
Contents D A P P E N D I X INDEX Optional Variables C-4 Using the TFTP Download Command C-5 Configuration Register C-5 Changing the Configuration Register Manually C-6 Changing the Configuration Register Using Prompts C-6 Console Download C-7 Command Description C-7 Error Reporting C-8 Debug Commands C-8 Exiting the ROM Monitor C-9 Common Port Assignments D-1 Cisco Secure Router 520 Series Software Configuration Guide viii OL-14210-01
Contents D A P P E N D I X INDEX Optional Variables C-4 Using the TFTP Download Command C-5 Configuration Register C-5 Changing the Configuration Register Manually C-6 Changing the Configuration Register Using Prompts C-6 Console Download C-7 Command Description C-7 Error Reporting C-8 Debug Commands C-8 Exiting the ROM Monitor C-9 Common Port Assignments D-1 Cisco Secure Router 520 Series Software Configuration Guide viii OL-14210-01
Software Guide
Page 9
...14210-01 Cisco Secure Router 520 Series Software Configuration Guide ix Audience This guide is intended for Cisco Secure Router 520 Series document that have additional information. Preface This preface describes the objectives, audience, organization, and conventions of experience. For warranty, service, and support information, see the "Cisco One-Year ... Request, page xvii Objective This guide provides an overview and explains how to having little or no experience in configuring routers to install and connect the wireless and nonwireless Cisco Secure Router 520 Series routers.
...14210-01 Cisco Secure Router 520 Series Software Configuration Guide ix Audience This guide is intended for Cisco Secure Router 520 Series document that have additional information. Preface This preface describes the objectives, audience, organization, and conventions of experience. For warranty, service, and support information, see the "Cisco One-Year ... Request, page xvii Objective This guide provides an overview and explains how to having little or no experience in configuring routers to install and connect the wireless and nonwireless Cisco Secure Router 520 Series routers.
Software Guide
Page 10
... VPN and an IPsec Tunnel" Provides instructions on your Cisco router. Part 4: Reference Information Appendix A, "Cisco IOS Software Basic Skills" Explains what you need to know about Cisco IOS software before you begin to have it . Cisco Secure Router 520 Series Software Configuration Guide x OL-14210-01 Part 2: Configuring Your Router for Ethernet and DSL Access Chapter...
... VPN and an IPsec Tunnel" Provides instructions on your Cisco router. Part 4: Reference Information Appendix A, "Cisco IOS Software Basic Skills" Explains what you need to know about Cisco IOS software before you begin to have it . Cisco Secure Router 520 Series Software Configuration Guide x OL-14210-01 Part 2: Configuring Your Router for Ethernet and DSL Access Chapter...
Software Guide
Page 11
... device. BEWAAR DEZE INSTRUCTIES Varoitus TÄRKEITÄ TURVALLISUUSOHJEITA Tämä varoitusmerkki merkitsee vaaraa. SÄILYTÄ NÄMÄ OHJEET OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide xi You are in een situatie die lichamelijk letsel kan veroorzaken. Turvallisuusvaroitusten käännökset löytyvät laitteen mukana...
... device. BEWAAR DEZE INSTRUCTIES Varoitus TÄRKEITÄ TURVALLISUUSOHJEITA Tämä varoitusmerkki merkitsee vaaraa. SÄILYTÄ NÄMÄ OHJEET OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide xi You are in een situatie die lichamelijk letsel kan veroorzaken. Turvallisuusvaroitusten käännökset löytyvät laitteen mukana...
Software Guide
Page 16
...Cisco Secure Router 520 Series Software Configuration Guide (this document), the Cisco Secure Router 520 Series documentation set of printed documentation. Additional product documentation is available on Cisco.com: • Cisco Secure Router 520 Series Hardware Installation Guide http://www.cisco.com/en/US/docs/routers/access/500/520...8226; Regulatory Compliance and Safety Information for Cisco Secure Router 500 Series http://www.cisco.com/en/US/docs/routers/access/500/520/rcsi/500_rcsi.html Cisco Secure Router 520 Series Software Configuration Guide xvi OL-14210-01 The following ...
...Cisco Secure Router 520 Series Software Configuration Guide (this document), the Cisco Secure Router 520 Series documentation set of printed documentation. Additional product documentation is available on Cisco.com: • Cisco Secure Router 520 Series Hardware Installation Guide http://www.cisco.com/en/US/docs/routers/access/500/520...8226; Regulatory Compliance and Safety Information for Cisco Secure Router 500 Series http://www.cisco.com/en/US/docs/routers/access/500/520/rcsi/500_rcsi.html Cisco Secure Router 520 Series Software Configuration Guide xvi OL-14210-01 The following ...
Software Guide
Page 17
...documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html Subscribe to the What's New in... Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide xvii The RSS feeds are a...
...documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html Subscribe to the What's New in... Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide xvii The RSS feeds are a...
Software Guide
Page 21
... routers are indicated whenever possible. It also describes the default configuration at startup. The Cisco Secure Router 520 Series routers complement the Cisco Unified Communications 500 Series router and the Cisco Smart Business Communications System (SBCS) portfolio. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 1-1 This chapter provides procedures for Customizing the Default Parameters •...
... routers are indicated whenever possible. It also describes the default configuration at startup. The Cisco Secure Router 520 Series routers complement the Cisco Unified Communications 500 Series router and the Cisco Smart Business Communications System (SBCS) portfolio. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 1-1 This chapter provides procedures for Customizing the Default Parameters •...
Software Guide
Page 22
...) client name that your Internet service provider (ISP) account - To view the default configuration, follow these steps: Step 1 Use the default username cisco and the default password cisco to configuring your IP network. - PPP authentication type: Challenge Handshake Authentication Protocol (CHAP) or Password... Information Needed for the WAN interfaces of the routers: - PPP password to connect over an ADSL line: Cisco Secure Router 520 Series Software Configuration Guide 1-2 OL-14210-01 Determine the IP routing parameter information, including IP address, and ATM permanent virtual ...
...) client name that your Internet service provider (ISP) account - To view the default configuration, follow these steps: Step 1 Use the default username cisco and the default password cisco to configuring your IP network. - PPP authentication type: Challenge Handshake Authentication Protocol (CHAP) or Password... Information Needed for the WAN interfaces of the routers: - PPP password to connect over an ADSL line: Cisco Secure Router 520 Series Software Configuration Guide 1-2 OL-14210-01 Determine the IP routing parameter information, including IP address, and ATM permanent virtual ...
Software Guide
Page 23
...public telephone service provider. Table 1-1 Supported Interfaces and Associated Port Labels by Router Router Cisco Secure Router 520 Ethernet-to the Router A configuration example is DMT (also called ANSI T1.413) or DMT Issue 2. Interface Port ...configuration following completion of these tasks: • Configure Global Parameters • Configure Fast Ethernet LAN Interfaces • Configure WAN Interfaces • Configuring a Loopback Interface • Configuring Command-Line Access to -Ethernet routers Cisco Secure Router 520 ADSL-over-POTS routers Cisco Secure Router 520...
...public telephone service provider. Table 1-1 Supported Interfaces and Associated Port Labels by Router Router Cisco Secure Router 520 Ethernet-to the Router A configuration example is DMT (also called ANSI T1.413) or DMT Issue 2. Interface Port ...configuration following completion of these tasks: • Configure Global Parameters • Configure Fast Ethernet LAN Interfaces • Configure WAN Interfaces • Configuring a Loopback Interface • Configuring Command-Line Access to -Ethernet routers Cisco Secure Router 520 ADSL-over-POTS routers Cisco Secure Router 520...
Software Guide
Page 24
... Fast Ethernet LAN interfaces on the global parameter commands, see Chapter 5, "Configuring a LAN with individual addresses. The Cisco Secure Router 520 ADSL-over-POTS and Cisco Secure Router 520 ADSL-over-ISDN routers have one ATM interface for WAN connection. Cisco Secure Router 520 Series Software Configuration Guide 1-4 OL-14210-01 Access is afforded through the VLAN. You...
... Fast Ethernet LAN interfaces on the global parameter commands, see Chapter 5, "Configuring a LAN with individual addresses. The Cisco Secure Router 520 ADSL-over-POTS and Cisco Secure Router 520 ADSL-over-ISDN routers have one ATM interface for WAN connection. Cisco Secure Router 520 Series Software Configuration Guide 1-4 OL-14210-01 Access is afforded through the VLAN. You...
Software Guide
Page 25
... for the Fast Ethernet interface and returns to the Cisco Secure Router 520 ADSL-over-POTS and Cisco Secure Router 520 ADSL-over-ISDN routers. Configure the ATM WAN Interface This procedure applies only to global configuration mode. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 1-5 Enables the Ethernet interface, changing its state from administratively down...
... for the Fast Ethernet interface and returns to the Cisco Secure Router 520 ADSL-over-POTS and Cisco Secure Router 520 ADSL-over-ISDN routers. Configure the ATM WAN Interface This procedure applies only to global configuration mode. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 1-5 Enables the Ethernet interface, changing its state from administratively down...
Software Guide
Page 26
... Wireless Interface The wireless interface enables connection to global configuration mode. Cisco Secure Router 520 Series Software Configuration Guide 1-6 OL-14210-01 For complete information on the loopback commands, see Chapter 9, "Configuring a Wireless LAN Connection," and the Cisco Access Router Wireless Configuration Guide. Configuring a Loopback Interface The loopback interface acts as a placeholder for an ATM interface. Step 2 ip...
... Wireless Interface The wireless interface enables connection to global configuration mode. Cisco Secure Router 520 Series Software Configuration Guide 1-6 OL-14210-01 For complete information on the loopback commands, see Chapter 9, "Configuring a Wireless LAN Connection," and the Cisco Access Router Wireless Configuration Guide. Configuring a Loopback Interface The loopback interface acts as a placeholder for an ATM interface. Step 2 ip...
Software Guide
Page 27
... not set Last input never, output never, output hang never OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 1-7 interface Virtual-Template1 ip unnumbered loopback0 no ip directed-broadcast ip nat outside ! This configuration example shows the loopback interface configured on the virtual-template interface. The loopback interface points back to virtual-template1...
... not set Last input never, output never, output hang never OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 1-7 interface Virtual-Template1 ip unnumbered loopback0 no ip directed-broadcast ip nat outside ! This configuration example shows the loopback interface configured on the virtual-template interface. The loopback interface points back to virtual-template1...
Software Guide
Page 28
... 200.200.100.1 Type escape sequence to abort. Enables password checking at terminal session login. The default is detected. Entering a timeout of line. Cisco Secure Router 520 Series Software Configuration Guide 1-8 OL-14210-01 Sets the interval that the EXEC command interpreter waits until user input is 10 minutes. Optionally, add seconds to...
... 200.200.100.1 Type escape sequence to abort. Enables password checking at terminal session login. The default is detected. Entering a timeout of line. Cisco Secure Router 520 Series Software Configuration Guide 1-8 OL-14210-01 Sets the interval that the EXEC command interpreter waits until user input is 10 minutes. Optionally, add seconds to...