Software Guide
Page 2
...Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing,...domain version of the word partner does not imply a partnership relationship between Cisco and any other company. (0804R) © 2008 Cisco Systems, Inc. All rights reserved. THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE ...
...Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing,...domain version of the word partner does not imply a partnership relationship between Cisco and any other company. (0804R) © 2008 Cisco Systems, Inc. All rights reserved. THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE ...
Software Guide
Page 30
... with a destination IP address of 192.168.1.0 and a subnet mask of 255.255.255.0 on the static routing commands, see the Cisco IOS Release 12.3 documentation set , see the Cisco IOS IP Command Reference, Volume 2 of 10.10.10.2. RIP, M - EIGRP, EX - IS-IS level-2 1-10... signified by a routing protocol. static, R - For more general information on the Cisco Secure Router 520 Series router is optional. Router# show ip route command and look for the IP packets. IS-IS level-1, L2 - Specifically, the packets are sent to enter the commands marked "(default)." IS-IS summary, ...
... with a destination IP address of 192.168.1.0 and a subnet mask of 255.255.255.0 on the static routing commands, see the Cisco IOS Release 12.3 documentation set , see the Cisco IOS IP Command Reference, Volume 2 of 10.10.10.2. RIP, M - EIGRP, EX - IS-IS level-2 1-10... signified by a routing protocol. static, R - For more general information on the Cisco Secure Router 520 Series router is optional. Router# show ip route command and look for the IP packets. IS-IS level-1, L2 - Specifically, the packets are sent to enter the commands marked "(default)." IS-IS summary, ...
Software Guide
Page 35
...Cisco Secure Router 520 Ethernet-to-Ethernet routers can be used in the DSL-based scenarios. Note To verify that shows the results of the configuration. The first network scenario provides a simple network configuration: point-to implement the network configuration, and a configuration example that a specific ...is described with DHCP and VLANs" • Chapter 6, "Configuring a VPN Using Easy VPN and an IPsec Tunnel" OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 2-1 Each successive scenario builds on which you in the examples, or you can access this ...
...Cisco Secure Router 520 Ethernet-to-Ethernet routers can be used in the DSL-based scenarios. Note To verify that shows the results of the configuration. The first network scenario provides a simple network configuration: point-to implement the network configuration, and a configuration example that a specific ...is described with DHCP and VLANs" • Chapter 6, "Configuring a VPN Using Easy VPN and an IPsec Tunnel" OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 2-1 Each successive scenario builds on which you in the examples, or you can access this ...
Software Guide
Page 41
...authentication {protocol1 [protocol2...]} Example: Router(config-if)# ppp authentication chap Router(config-if)# Purpose Sets the PPP authentication method to a specific destination subnetwork. Packets that enter the router through the specified interface dialer group. dialer pool number Example: Router(config-if)# dialer ...255.255 dialer 0 Router(config)# Sets the IP route for the default gateway for possible address translation. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 3-5 Chapter 3 Configuring PPP over Ethernet with it. Packets are then forwarded through...
...authentication {protocol1 [protocol2...]} Example: Router(config-if)# ppp authentication chap Router(config-if)# Purpose Sets the PPP authentication method to a specific destination subnetwork. Packets that enter the router through the specified interface dialer group. dialer pool number Example: Router(config-if)# dialer ...255.255 dialer 0 Router(config)# Sets the IP route for the default gateway for possible address translation. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 3-5 Chapter 3 Configuring PPP over Ethernet with it. Packets are then forwarded through...
Software Guide
Page 49
...7 dialer-group group-number Example: Router(config-if)# dialer-group 1 Router(config-if)# Assigns the dialer interface to a specific destination subnetwork. The default minimum is 1492 bytes. The maximum for the dialer interface is obtained through PPP/IPCP (IP Control... negotiation. Step 2 ip address negotiated Example: Router(config-if)# ip address negotiated Router(config-if)# Specifies that can be set, see the Cisco IOS Security Command Reference. Step 5 Step 6 ppp authentication {protocol1 [protocol2...]} Example: Router(config-if)# ppp authentication chap Router(config-if)# ...
...7 dialer-group group-number Example: Router(config-if)# dialer-group 1 Router(config-if)# Assigns the dialer interface to a specific destination subnetwork. The default minimum is 1492 bytes. The maximum for the dialer interface is obtained through PPP/IPCP (IP Control... negotiation. Step 2 ip address negotiated Example: Router(config-if)# ip address negotiated Router(config-if)# Specifies that can be set, see the Cisco IOS Security Command Reference. Step 5 Step 6 ppp authentication {protocol1 [protocol2...]} Example: Router(config-if)# ppp authentication chap Router(config-if)# ...
Software Guide
Page 92
...and Inspection Rules to Interfaces Perform these steps to configure firewall inspection rules for all TCP and UDP traffic, as well as specific application protocols as defined by the security policy, beginning in Router(config-if)# Step 3 exit Example: Router(config-if)# ...2 ip inspect name inspection-name protocol Example: Repeat this command for each inspection rule that you wish to global configuration mode. Cisco Secure Router 520 Series Software Configuration Guide 8-4 OL-14210-01 Configure Inspection Rules Chapter 8 Configuring a Simple Firewall Configure Inspection Rules...
...and Inspection Rules to Interfaces Perform these steps to configure firewall inspection rules for all TCP and UDP traffic, as well as specific application protocols as defined by the security policy, beginning in Router(config-if)# Step 3 exit Example: Router(config-if)# ...2 ip inspect name inspection-name protocol Example: Repeat this command for each inspection rule that you wish to global configuration mode. Cisco Secure Router 520 Series Software Configuration Guide 8-4 OL-14210-01 Configure Inspection Rules Chapter 8 Configuring a Simple Firewall Configure Inspection Rules...
Software Guide
Page 93
... acl 103 permits IPsec traffic from the home LAN to the corporate network. UDP is specified for single-channel protocols such as ! specific application protocols as denies Internet-initiated traffic inbound. FE4 is not necessary. as well as defined by the security policy. Returns to the...ip access-group {access-list-number | access-list-name}{in | out} Example: Router(config-if)# ip access-group 103 in OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 8-5 router ! ip access-group 103 in Router(config-if)# Step 6 exit Example: Router(config-if)#...
... acl 103 permits IPsec traffic from the home LAN to the corporate network. UDP is specified for single-channel protocols such as ! specific application protocols as denies Internet-initiated traffic inbound. FE4 is not necessary. as well as defined by the security policy. Returns to the...ip access-group {access-list-number | access-list-name}{in | out} Example: Router(config-if)# ip access-group 103 in OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 8-5 router ! ip access-group 103 in Router(config-if)# Step 6 exit Example: Router(config-if)#...
Software Guide
Page 105
You can use the Software Advisor tool. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 10-1 See the appropriate Cisco IOS configuration guides and command references for the Cisco Secure Router 520 Series routers. Note To verify that a specific feature is compatible with your configuration or troubleshooting needs. 10 C H A P T E R Additional Configuration Options...
You can use the Software Advisor tool. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 10-1 See the appropriate Cisco IOS configuration guides and command references for the Cisco Secure Router 520 Series routers. Note To verify that a specific feature is compatible with your configuration or troubleshooting needs. 10 C H A P T E R Additional Configuration Options...
Software Guide
Page 112
... . Sending 5, 53-byte segment OAM echoes, timeout is 100 percent (5/5), round-trip min/avg/max = 400/401/404 ms 12-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 ADSL Troubleshooting Chapter 12 Troubleshooting ADSL Troubleshooting If you connect to abort. Example 12-1 ...use this command to determine whether a particular PVC is 2 seconds: !!!!! For more information on the ADSL LEDs, see the hardware installation guide specific for your router. • The ADSL CD LED is on the ADSL connection, see the hardware guide for your ATM interface. •...
... . Sending 5, 53-byte segment OAM echoes, timeout is 100 percent (5/5), round-trip min/avg/max = 400/401/404 ms 12-2 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 ADSL Troubleshooting Chapter 12 Troubleshooting ADSL Troubleshooting If you connect to abort. Example 12-1 ...use this command to determine whether a particular PVC is 2 seconds: !!!!! For more information on the ADSL LEDs, see the hardware installation guide specific for your router. • The ADSL CD LED is on the ADSL connection, see the hardware guide for your ATM interface. •...
Software Guide
Page 115
... commands are entered in Example 12-3. Chapter 12 Troubleshooting ATM Troubleshooting Commands show atm interface Command To display ATM-specific information about an ATM interface, use the show atm interface Command Output Description Field ATM interface AAL enabled Maximum VCs... configuration problems that you interpret any possible problems. Guidelines for the Cisco Secure Router 520 Series router. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 12-5 The Cisco Secure Router 520 Series routers support AAL5. Physical layer interface module ...
... commands are entered in Example 12-3. Chapter 12 Troubleshooting ATM Troubleshooting Commands show atm interface Command To display ATM-specific information about an ATM interface, use the show atm interface Command Output Description Field ATM interface AAL enabled Maximum VCs... configuration problems that you interpret any possible problems. Guidelines for the Cisco Secure Router 520 Series router. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 12-5 The Cisco Secure Router 520 Series routers support AAL5. Physical layer interface module ...
Software Guide
Page 116
...Using subfunction 0xA 00:02:57: DSL: Using subfunction 0xA 00:02:57: DSL: Sent command 0x5 12-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 You can render your router unusable. Example 12-4 shows a...form of low network traffic so that the modem state does not transition to diagnose problems in the Cisco IOS Debug Command Reference. debug atm errors Command Use the debug atm errors command to use debug.... For this reason, use debug commands only to troubleshoot specific problems. The best time to display ATM errors. The no form of the network.
...Using subfunction 0xA 00:02:57: DSL: Using subfunction 0xA 00:02:57: DSL: Sent command 0x5 12-6 Cisco Secure Router 520 Series Software Configuration Guide OL-14210-01 You can render your router unusable. Example 12-4 shows a...form of low network traffic so that the modem state does not transition to diagnose problems in the Cisco IOS Debug Command Reference. debug atm errors Command Use the debug atm errors command to use debug.... For this reason, use debug commands only to troubleshoot specific problems. The best time to display ATM errors. The no form of the network.
Software Guide
Page 126
...match the default settings of your router, see a list of each command, including syntax, see Appendix C, "ROM Monitor." Each command mode supports specific Cisco IOS commands. For information on how to enter global configuration mode so that mode, and how to exit to a mode or enter the next mode... see the "Entering Global Configuration Mode" section later in that you see in this case a router. Configure the software to the following Cisco IOS command modes are used in this guide, how to access each mode configures different router elements, you can configure your router...
...match the default settings of your router, see a list of each command, including syntax, see Appendix C, "ROM Monitor." Each command mode supports specific Cisco IOS commands. For information on how to enter global configuration mode so that mode, and how to exit to a mode or enter the next mode... see the "Entering Global Configuration Mode" section later in that you see in this case a router. Configure the software to the following Cisco IOS command modes are used in this guide, how to access each mode configures different router elements, you can configure your router...
Software Guide
Page 127
...Router (config-if)# Exit and Entrance Method About This Mode To exit a router session, enter Use this guide. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide A-3 Prompt Router> Privileged EXEC Enter the enable command from privileged EXEC mode. press Ctrl-Z....EXEC mode, enter the end command, or press Ctrl-Z. • To enter subinterface configuration mode, specify a subinterface with a specific interface, such as described in "Enable Secret Passwords and Enable Passwords" later in this mode for the router Ethernet enter the exit command....
...Router (config-if)# Exit and Entrance Method About This Mode To exit a router session, enter Use this guide. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide A-3 Prompt Router> Privileged EXEC Enter the enable command from privileged EXEC mode. press Ctrl-Z....EXEC mode, enter the end command, or press Ctrl-Z. • To enter subinterface configuration mode, specify a subinterface with a specific interface, such as described in "Enable Secret Passwords and Enable Passwords" later in this mode for the router Ethernet enter the exit command....
Software Guide
Page 134
... routing protocol. Network Protocols Appendix B Concepts Network Protocols Network protocols enable the network to pass data from its source to a specific destination over the Internet. Hop count is widely used by the internetwork and higher layers to identify devices and to reach its ...destination. By default, RIP routing updates are broadcast. RIP RIP is an associated protocol for route selection. Cisco Secure Router 520 Series Software Configuration Guide B-2 OL-14210-01 IP The best-known Transmission Control Protocol/Internet Protocol (TCP/IP...
... routing protocol. Network Protocols Appendix B Concepts Network Protocols Network protocols enable the network to pass data from its source to a specific destination over the Internet. Hop count is widely used by the internetwork and higher layers to identify devices and to reach its ...destination. By default, RIP routing updates are broadcast. RIP RIP is an associated protocol for route selection. Cisco Secure Router 520 Series Software Configuration Guide B-2 OL-14210-01 IP The best-known Transmission Control Protocol/Internet Protocol (TCP/IP...
Software Guide
Page 136
...with sporadic, occasionally heavy traffic requirements, and the IEEE 802.3 specification was designed to all information for DSL Asynchronous Transfer Mode (ATM) is considered a LAN with high bandwidth availability. Cisco Secure Router 520 Series Software Configuration Guide B-4 OL-14210-01...LANs. A host wanting to every node in individual routers. Ethernet allows any time. An ATM connection is quiet. TACACS+ Cisco Secure Router 520 Series routers support the Terminal Access Controller Access Control System Plus (TACACS+) protocol through a permanent virtual circuit ...
...with sporadic, occasionally heavy traffic requirements, and the IEEE 802.3 specification was designed to all information for DSL Asynchronous Transfer Mode (ATM) is considered a LAN with high bandwidth availability. Cisco Secure Router 520 Series Software Configuration Guide B-4 OL-14210-01...LANs. A host wanting to every node in individual routers. Ethernet allows any time. An ATM connection is quiet. TACACS+ Cisco Secure Router 520 Series routers support the Terminal Access Controller Access Control System Plus (TACACS+) protocol through a permanent virtual circuit ...
Software Guide
Page 137
...the contents of user information into legal addresses before sending packets to the ATM subsystem of data in a manner that follows the specific AAL format. An AAL defines the conversion of the data. NAT translates the inside network (a network that uses nonregistered IP addresses)... is a connection between remote hosts and routers. Users can be used when configuring PPP over ATM. in multiple intranets. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide B-5 The characteristics of the PVC that you are connecting to a PVC. Appendix B Concepts NAT ...
...the contents of user information into legal addresses before sending packets to the ATM subsystem of data in a manner that follows the specific AAL format. An AAL defines the conversion of the data. NAT translates the inside network (a network that uses nonregistered IP addresses)... is a connection between remote hosts and routers. Users can be used when configuring PPP over ATM. in multiple intranets. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide B-5 The characteristics of the PVC that you are connecting to a PVC. Appendix B Concepts NAT ...