Loading...Cisco 857, 876, 877, 878, 851 Access Routers Software Configuration Guide
...
Cisco 850 Series and Cisco 870 Series
Access Routers Software
Configuration Guide
Corporate Headquarters
Cisco Systems, Inc. 170 West Tasman Drive
San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000
800 553-NETS (6387) Fax: 408 526-4100
Text Part Number: OL-5332-01
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
CCSP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Access Registrar, Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, FormShare, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream, Linksys, MeetingPlace, MGX, the Networkers logo, Networking Academy, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, StrataView Plus, SwitchProbe, TeleRouter, The Fastest Way to Increase Your Internet Quotient, TransPath, and VCO are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0501R)
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
Copyright © 2005, Cisco Systems, Inc.
All rights reserved.
C O N T E N T S
Preface 11 |
|
Audience 11 |
|
Organization |
12 |
Conventions |
13 |
|
|
|
Notes, Cautions, and Timesavers |
13 |
|
|
|
|
|
|
||||
|
|
|
Command Conventions |
13 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Related Documents |
14 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Obtaining Documentation and Submitting a Service Request 14 |
|||||||||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Getting Started |
|
|
|
|
|
|
|
|
|
|
|
P A R T 1 |
|
|
|
|
|
|
|
|
|
|
|
|||
|
|
Basic Router Configuration |
|
|
|
|
|
|
|
|
|
|
||
C H A P T E R 1 |
1 |
|
|
|
|
|
|
|
|
|
||||
|
|
|
Interface Port Labels |
1 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Viewing the Default Configuration |
2 |
|
|
|
|
|
|
|
|||
|
|
|
Information Needed for Configuration |
4 |
|
|
|
|
|
|
||||
|
|
|
Configuring Basic Parameters |
5 |
|
|
|
|
|
|
|
|
||
|
|
|
Configure Global Parameters |
5 |
|
|
|
|
|
|
|
|||
|
|
|
Configure Fast Ethernet LAN Interfaces |
6 |
|
|
|
|
|
|||||
|
|
|
Configure WAN Interfaces |
6 |
|
|
|
|
|
|
|
|||
|
|
|
Configure the Fast Ethernet WAN Interface |
6 |
|
|
|
|
||||||
|
|
|
Configure the ATM WAN Interface |
7 |
|
|
|
|
|
|||||
|
|
|
Configure the Wireless Interface |
7 |
|
|
|
|
|
|
||||
|
|
|
Configuring a Loopback Interface |
8 |
|
|
|
|
|
|
||||
|
|
|
Configuration Example |
|
8 |
|
|
|
|
|
|
|
||
|
|
|
Verifying Your Configuration |
9 |
|
|
|
|
|
|
||||
|
|
|
Configuring Command-Line Access to the Router |
9 |
|
|
|
|
||||||
|
|
|
Configuration Example |
|
11 |
|
|
|
|
|
|
|
||
|
|
|
Configuring Static Routes |
11 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Configuration Example |
12 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Verifying Your Configuration |
12 |
|
|
|
|
|
|
|
|||
|
|
|
Configuring Dynamic Routes |
12 |
|
|
|
|
|
|
|
|
||
|
|
|
Configuring RIP |
13 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Configuration Example |
|
14 |
|
|
|
|
|
|
|
||
|
|
|
Verifying Your Configuration |
14 |
|
|
|
|
|
|
||||
|
|
|
|
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide |
|
|
|
|||||||
|
|
|
|
|
||||||||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
OL-5332-01 |
|
|
|
|
|
|
|
|
|
|
|
3 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||
Contents
|
|
|
|
|
|
Configuring Enhanced IGRP |
14 |
|
|
|
|
|
|
||
|
|
|
|
|
|
Configuration Example |
15 |
|
|
|
|
|
|
||
|
|
|
|
|
|
Verifying Your Configuration |
15 |
|
|
|
|
|
|||
|
|
|
|
|
|
|
|
|
|||||||
|
|
|
|
|
|
Configuring Your Router for Ethernet and DSL Access |
|
|
|
||||||
P A R T 2 |
|
|
|
|
|
|
|||||||||
|
|
|
|
Sample Network Deployments |
|
|
|
|
|
|
|
||||
C H A P T E R |
2 |
|
1 |
|
|
|
|
|
|
||||||
|
|
|
|
Configuring PPP over Ethernet with NAT |
|
|
|
|
|||||||
C H A P T E R |
3 |
|
1 |
|
|
|
|||||||||
|
|
|
|
|
|
Configure the Virtual Private Dialup Network Group Number |
2 |
|
|
||||||
|
|
|
|
|
|
Configure the Fast Ethernet WAN Interfaces 3 |
|
|
|
||||||
|
|
|
|
|
|
Configure the Dialer Interface |
4 |
|
|
|
|
|
|
||
|
|
|
|
|
|
Configure Network Address Translation |
6 |
|
|
|
|||||
|
|
|
|
|
|
Configuration Example |
8 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Verifying Your Configuration |
9 |
|
|
|
|
|
|||
|
|
|
|
Configuring PPP over ATM with NAT |
|
|
|
|
|
||||||
C H A P T E R |
4 |
|
1 |
|
|
|
|
||||||||
|
|
|
|
|
|
Configure the Dialer Interface |
3 |
|
|
|
|
|
|
||
|
|
|
|
|
|
Configure the ATM WAN Interface |
5 |
|
|
|
|
|
|||
|
|
|
|
|
|
Configure DSL Signaling Protocol |
6 |
|
|
|
|
|
|||
|
|
|
|
|
|
Configuring ADSL |
6 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Verify the Configuration |
7 |
|
|
|
|
|
|||
|
|
|
|
|
|
Configuring SHDSL |
7 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Verify the Configuration |
8 |
|
|
|
|
|
|||
|
|
|
|
|
|
Configure Network Address Translation |
9 |
|
|
|
|||||
|
|
|
|
|
|
Configuration Example |
11 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Verifying Your Configuration |
12 |
|
|
|
|
|
|||
|
|
|
|
Configuring a LAN with DHCP and VLANs |
|
|
|
|
|||||||
C H A P T E R |
5 |
|
1 |
|
|
|
|||||||||
|
|
|
|
|
|
Configure DHCP |
2 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Configuration Example |
4 |
|
|
|
|
|
|
||
|
|
|
|
|
|
Verify Your DHCP Configuration |
4 |
|
|
|
|
||||
|
|
|
|
|
|
Configure VLANs |
5 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Assign a Switch Port to a VLAN |
6 |
|
|
|
|
||||
|
|
|
|
|
|
Verify Your VLAN Configuration |
6 |
|
|
|
|
||||
|
|
|
|
Configuring a VPN Using Easy VPN and an IPSec Tunnel |
|
|
|
||||||||
C H A P T E R |
6 |
|
1 |
|
|
||||||||||
|
|
|
|
|
|
Configure the IKE Policy |
4 |
|
|
|
|
|
|
|
|
|
|
|
|
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide |
|
|
|
||||||||
|
|
|
|
|
|
|
|||||||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
4 |
|
|
|
|
|
|
|
|
|
|
|
|
OL-5332-01 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|||
Contents
|
|
|
|
Configure Group Policy Information |
5 |
|
|
|
|
|
|
|
|
|||
|
|
|
|
Apply Mode Configuration to the Crypto Map |
6 |
|
|
|
|
|
||||||
|
|
|
|
Enable Policy Lookup |
6 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Configure IPSec Transforms and Protocols |
7 |
|
|
|
|
|
|
|||||
|
|
|
|
Configure the IPSec Crypto Method and Parameters |
8 |
|
|
|
|
|||||||
|
|
|
|
Apply the Crypto Map to the Physical Interface |
9 |
|
|
|
|
|
||||||
|
|
|
|
Create an Easy VPN Remote Configuration |
10 |
|
|
|
|
|
|
|||||
|
|
|
|
Verifying Your Easy VPN Configuration |
11 |
|
|
|
|
|
|
|||||
|
|
|
|
Configuration Example |
|
11 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Configuring VPNs Using an IPSec Tunnel and Generic Routing Encapsulation 1 |
|||||||||||||
C H A P T E R |
7 |
|||||||||||||||
|
|
|
|
Configure a VPN 2 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Configure the IKE Policy |
3 |
|
|
|
|
|
|
|
|
|
||
|
|
|
|
Configure Group Policy Information |
|
4 |
|
|
|
|
|
|
||||
|
|
|
|
Enable Policy Lookup |
5 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Configure IPSec Transforms and Protocols |
5 |
|
|
|
|
|
||||||
|
|
|
|
Configure the IPSec Crypto Method and Parameters 6 |
||||||||||||
|
|
|
|
Apply the Crypto Map to the Physical Interface |
7 |
|
|
|
|
|||||||
|
|
|
|
Configure a GRE Tunnel |
8 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Configuration Example |
|
9 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Configuring a Simple Firewall |
|
|
|
|
|
|
|
|
|
|
|||
C H A P T E R |
8 |
1 |
|
|
|
|
|
|
|
|
|
|||||
|
|
|
|
Configure Access Lists |
|
3 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Configure Inspection Rules |
3 |
|
|
|
|
|
|
|
|
|
||
|
|
|
|
Apply Access Lists and Inspection Rules to Interfaces |
4 |
|
|
|
|
|||||||
|
|
|
|
Configuration Example |
|
5 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Configuring a Wireless LAN Connection |
|
|
|
|
|
|
|
|
|||||
C H A P T E R |
9 |
|
1 |
|
|
|
|
|
|
|||||||
|
|
|
|
Configure the Root Radio Station |
2 |
|
|
|
|
|
|
|
|
|||
|
|
|
|
Configure Bridging on VLANs |
4 |
|
|
|
|
|
|
|
|
|
||
|
|
|
|
Configure Radio Station Subinterfaces |
6 |
|
|
|
|
|
|
|
||||
|
|
|
|
Configuration Example |
|
7 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Sample Configuration |
|
|
|
|
|
|
|
|
|
|
|
|
|
C H A P T E R |
10 |
1 |
|
|
|
|
|
|
|
|
|
|
|
|||
|
|
|
|
|||||||||||||
|
|
|
|
Configuring Additional Features and Troubleshooting |
|
|||||||||||
P A R T 3 |
|
|||||||||||||||
|
|
|
|
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide |
|
|
|
|||||||||
|
|
|
|
|||||||||||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
OL-5332-01 |
|
|
|
|
|
|
|
|
|
|
|
|
5 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|||
Contents
C H A P T E R |
11 |
Additional Configuration Options |
1 |
|
|
|
||||||
|
|
Configuring Security Features |
|
|
|
|
|
|||||
C H A P T E R |
12 |
1 |
|
|
|
|
||||||
|
|
|
|
Authentication, Authorization, and Accounting |
1 |
|
||||||
|
|
|
|
Configuring AutoSecure |
2 |
|
|
|
|
|
||
|
|
|
|
Configuring Access Lists |
2 |
|
|
|
|
|
||
|
|
|
|
Access Groups |
3 |
|
|
|
|
|
|
|
|
|
|
|
Guidelines for Creating Access Groups |
3 |
|
||||||
|
|
|
|
Configuring a CBAC Firewall |
3 |
|
|
|
|
|||
|
|
|
|
Configuring Cisco IOS Firewall IDS |
4 |
|
|
|
||||
|
|
|
|
Configuring VPNs |
4 |
|
|
|
|
|
|
|
|
|
Configuring Dial Backup and Remote Management 1 |
||||||||||
C H A P T E R |
13 |
|||||||||||
|
|
|
|
Dial Backup Feature Activation Methods |
1 |
|
|
|||||
|
|
|
|
Backup Interfaces |
2 |
|
|
|
|
|
||
|
|
|
|
Configuring Backup Interfaces 2 |
|
|
|
|||||
|
|
|
|
Floating Static Routes |
2 |
|
|
|
|
|||
|
|
|
|
Configuring Floating Static Routes |
3 |
|
|
|||||
|
|
|
|
Dialer Watch |
4 |
|
|
|
|
|
|
|
|
|
|
|
Configuring Dialer Watch |
4 |
|
|
|
||||
|
|
|
|
Dial Backup Feature Limitations |
5 |
|
|
|
||||
|
|
|
|
Configuration Example |
6 |
|
|
|
|
|||
|
|
|
|
Configuring Dial Backup and Remote Management Through the Console or Auxiliary Port 9 |
||||||||
|
|
|
|
Configuration Tasks |
10 |
|
|
|
|
|
||
|
|
|
|
Configuration Example |
13 |
|
|
|
|
|||
|
|
|
|
Configuring Dial Backup and Remote Management Through the ISDN S/T Port 16 |
||||||||
|
|
|
|
Configuration Tasks |
17 |
|
|
|
|
|
||
|
|
|
|
Configure ISDN Settings |
17 |
|
|
|
||||
|
|
|
|
Configure the Aggregator and ISDN Peer Router 20 |
||||||||
|
|
Troubleshooting |
|
|
|
|
|
|
|
|
||
C H A P T E R |
14 |
1 |
|
|
|
|
|
|
|
|||
|
|
|
|
Getting Started |
1 |
|
|
|
|
|
|
|
|
|
|
|
Before Contacting Cisco or Your Reseller |
1 |
|
|
|||||
|
|
|
|
ADSL Troubleshooting |
2 |
|
|
|
|
|
||
|
|
|
|
SHDSL Troubleshooting |
2 |
|
|
|
|
|
||
|
|
|
|
ATM Troubleshooting Commands |
2 |
|
|
|
||||
|
|
|
|
ping atm interface Command |
3 |
|
|
|
||||
|
|
|
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide |
|||||||||
|
|
|
||||||||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
6 |
|
|
|
|
|
|
|
|
|
OL-5332-01 |
|
|
|
|
|
|
|
|
|
|
|
|
||
Contents
|
|
|
|
show interface Command |
3 |
|
|
|
|
|
|
||||
|
|
|
|
show atm interface Command |
5 |
|
|
|
|
|
|||||
|
|
|
|
debug atm Commands |
|
6 |
|
|
|
|
|
|
|
||
|
|
|
|
|
Guidelines for Using Debug Commands |
6 |
|
|
|
|
|||||
|
|
|
|
|
debug atm errors Command |
6 |
|
|
|
|
|
||||
|
|
|
|
|
debug atm events Command |
7 |
|
|
|
|
|
||||
|
|
|
|
|
debug atm packet Command |
8 |
|
|
|
|
|
||||
|
|
|
|
Software Upgrade Methods |
9 |
|
|
|
|
|
|
|
|||
|
|
|
|
Recovering a Lost Password |
9 |
|
|
|
|
|
|
|
|||
|
|
|
|
Change the Configuration Register 10 |
|
|
|
|
|
||||||
|
|
|
|
|
Reset the Router |
11 |
|
|
|
|
|
|
|
||
|
|
|
|
Reset the Password and Save Your Changes |
12 |
|
|
|
|
||||||
|
|
|
|
Reset the Configuration Register Value 12 |
|
|
|
|
|
||||||
|
|
|
|
Managing Your Router with SDM 13 |
|
|
|
|
|
||||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|||
|
|
|
|
Reference Information |
|
|
|
|
|
|
|
|
|
||
P A R T 4 |
|
|
|
|
|
|
|
|
|
|
|||||
|
|
|
Cisco IOS Software Basic Skills |
|
|
|
|
|
|
|
|||||
A P P E N D I X |
A |
1 |
|
|
|
|
|
|
|||||||
|
|
|
|
Configuring the Router from a PC |
1 |
|
|
|
|
|
|
||||
|
|
|
|
Understanding Command Modes |
2 |
|
|
|
|
|
|
||||
|
|
|
|
Getting Help 4 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Enable Secret Passwords and Enable Passwords |
5 |
|
|
|
|
||||||
|
|
|
|
Entering Global Configuration Mode |
5 |
|
|
|
|
|
|||||
|
|
|
|
Using Commands |
6 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Abbreviating Commands |
6 |
|
|
|
|
|
|
|
|||
|
|
|
|
Undoing Commands |
6 |
|
|
|
|
|
|
|
|
||
|
|
|
|
Command-Line Error Messages |
6 |
|
|
|
|
|
|||||
|
|
|
|
Saving Configuration Changes |
7 |
|
|
|
|
|
|
||||
|
|
|
|
Summary 7 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Where to Go Next |
7 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Concepts |
|
|
|
|
|
|
|
|
|
|
|
|
A P P E N D I X |
B |
1 |
|
|
|
|
|
|
|
|
|
|
|||
|
|
|
|
ADSL |
1 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
SHDSL |
2 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Network Protocols |
2 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
IP |
2 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Routing Protocol Options |
2 |
|
|
|
|
|
|
|
|
||
|
|
|
|
|
|
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide |
|
|
|
||||||
|
|
|
|
|
|
|
|||||||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
OL-5332-01 |
|
|
|
|
|
|
|
|
|
|
|
|
7 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||
Contents
|
|
RIP |
3 |
|
|
|
|
|
|
|
Enhanced IGRP |
3 |
|
||||
|
PPP Authentication Protocols 3 |
|||||||
|
|
PAP |
4 |
|
|
|
|
|
|
|
CHAP |
|
4 |
|
|
|
|
|
TACACS+ |
|
5 |
|
|
|
|
|
|
Network Interfaces |
5 |
|
|||||
|
|
Ethernet |
5 |
|
|
|
||
|
|
ATM for DSL |
5 |
|
|
|||
|
|
PVC |
6 |
|
|
|
||
|
|
Dialer Interface |
6 |
|
||||
|
Dial Backup |
|
6 |
|
|
|
||
|
|
Backup Interface |
6 |
|
||||
|
|
Floating Static Routes |
7 |
|||||
|
|
Dialer Watch |
7 |
|
|
|||
|
NAT |
7 |
|
|
|
|
|
|
|
Easy IP (Phase 1) |
8 |
|
|
||||
|
Easy IP (Phase 2) |
8 |
|
|
||||
|
QoS |
9 |
|
|
|
|
|
|
|
|
IP Precedence |
9 |
|
|
|||
|
|
PPP Fragmentation and Interleaving 9 |
||||||
|
|
CBWFQ |
|
10 |
|
|
|
|
|
|
RSVP |
|
10 |
|
|
|
|
|
|
Low Latency Queuing |
10 |
|||||
|
Access Lists |
|
11 |
|
|
|
||
|
ROM Monitor |
|
|
|
|
|
|
|
A P P E N D I X C |
|
1 |
|
|
|
|
||
|
Entering the ROM Monitor |
1 |
||||||
|
ROM Monitor Commands |
2 |
||||||
|
Command Descriptions |
3 |
|
|||||
Disaster Recovery with TFTP Download |
3 |
|
TFTP Download Command Variables |
4 |
|
Required Variables |
4 |
|
Optional Variables |
5 |
|
Using the TFTP Download Command |
5 |
|
|
|
|
Configuration Register 6 |
|
|
|
|
|
Changing the Configuration Register Manually 6 |
|
|
|
|
|
Changing the Configuration Register Using Prompts |
6 |
|
|
|
|
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
8 |
|
|
OL-5332-01 |
|
|
|
|
|
Contents
|
Console Download |
7 |
|
|
Command Description |
8 |
|
|
Error Reporting |
8 |
|
|
Debug Commands |
8 |
|
|
Exiting the ROM Monitor |
10 |
|
|
Common Port Assignments |
|
|
A P P E N D I X D |
1 |
||
|
|
|
|
I N D E X |
|
|
|
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
|
OL-5332-01 |
9 |
|
|
|
Contents
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
10 |
OL-5332-01 |
|
|
Preface
This software configuration guide provides instructions for using the Cisco command-line interface (CLI) to configure features of the following Cisco 800 series routers:
•Cisco 850 Series Routers
–Cisco 851 Ethernet Access Router
–Cisco 857 DSL Access Router
•Cisco 870 Series Routers
–Cisco 871 Ethernet Access Router
–Cisco 876, Cisco 877, and Cisco 878 DSL Access Routers
This preface describes the intended audience, the organization of this guide, and the text and command conventions used throughout the guide. The preface includes the following topics:
•Audience
•Organization
•Conventions
•Related Documents
•Obtaining Documentation and Submitting a Service Request
Audience
This guide is intended for network administrators whose backgrounds vary from having no or little experience in configuring routers to having a high level of experience. You can use this guide in the following situations:
•You have configured the software by using the Cisco Router Web Setup tool, and you want to configure additional advanced software features by using the command-line interface (CLI).
•You want to configure the software using only the CLI.
Note We strongly recommend that network administrators with minimal familiarity with Cisco routers use the Cisco Router and Security Device Manager (SDM)—a web-based configuration tool that allows you to configure LAN and WAN interfaces, routing, Network Address Translation (NAT), firewalls, VPNs, and other features on your router. To obtain the SDM release notes and other SDM documentation, go to http://www.cisco.com/go/sdm and click the Technical Documentation link.
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
|
OL-5332-01 |
11 |
|
|
|
Preface
Organization
See the “Organization” section of this preface to help you decide which chapters contain the information you need to configure your router.
Organization
This guide contains the following information:
Part 1: Getting Started
•Chapter 1, “Basic Router Configuration”—Describes how to configure basic router features and interfaces.
Part 2: Configuring Your Router for Ethernet and DSL Access
•Chapter 2, “Sample Network Deployments”—Provides a road map for Part 2.
•Chapter 3, “Configuring PPP over Ethernet with NAT”—Provides instructions on how to configure PPPoE with Network Address Translation (NAT) on your Cisco router.
•Chapter 4, “Configuring PPP over ATM with NAT”—Provides instructions on how to configure PPPoA with Network Address Translation (NAT) on your Cisco router.
•Chapter 5, “Configuring a LAN with DHCP and VLANs”—Provides instructions on how to configure your Cisco router with multiple VLANs and to have it act as a DHCP server.
•Chapter 6, “Configuring a VPN Using Easy VPN and an IPSec Tunnel”—Provides instructions on how to configure a virtual private network (VPN) with a secure IP tunnel using the Cisco Easy VPN.
•Chapter 7, “Configuring VPNs Using an IPSec Tunnel and Generic Routing Encapsulation”—Provides instructions on how to configure a VPN with a secure IP tunnel and generic routing encapsulation (GRE).
•Chapter 8, “Configuring a Simple Firewall”—Provides instructions on how to configure a basic firewall on your Cisco router.
•Chapter 9, “Configuring a Wireless LAN Connection”—Provides instructions on how to configure a wireless LAN connection on your Cisco router.
•Chapter 10, “Sample Configuration”—Presents a summary configuration example showing features configured in the preceding chapters of this part of the guide.
Part 3: Configuring Additional Features and Troubleshooting
•Chapter 11, “Additional Configuration Options”—Provides a road map for Part 3.
•Chapter 12, “Configuring Security Features”—Explains basic configuration of Cisco IOS security features, including firewall and VPN configuration.
•Chapter 13, “Configuring Dial Backup and Remote Management”—Provides instructions on how to configure your Cisco router for dial backup and remote management.
•Chapter 14, “Troubleshooting”—Provides information on identifying and solving problems with the ADSL line and the telephone interface. Also explains how to recover a lost software password.
Part 4: Reference Information
•Appendix A, “Cisco IOS Software Basic Skills”—Explains what you need to know about Cisco IOS software before you begin to configure it.
•Appendix B, “Concepts”—Provides general concept explanations of features.
•Appendix C, “ROM Monitor”—Describes the use of the ROM Monitor (ROMMON) utility.
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
12 |
OL-5332-01 |
|
|
Preface
Conventions
•Appendix D, “Common Port Assignments”—Describes the currently assigned Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) port numbers.
•Index
Conventions
This guide uses the conventions described in the following sections for instructions and information.
Notes, Cautions, and Timesavers
|
|
|
|
|
|
Notes, cautions and time-saving tips use the following conventions and symbols: |
||||||
|
|
|
|
|
|
|
|
|
||||
|
|
|
Note |
Means reader take note. Notes contain helpful suggestions or references to materials not contained in |
||||||||
|
|
|
|
|
|
this guide. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|||||
|
|
|
|
|
|
|
|
|||||
|
|
Caution |
This caution symbol means reader be careful. In this situation, you might do something that could result |
|||||||||
|
|
|
|
|
|
in equipment damage or loss of data. |
||||||
|
|
|
|
|
|
|
||||||
|
|
|
|
|
|
|
||||||
|
|
Timesaver |
This symbol means the described action saves time. |
|||||||||
|
|
|
|
|
|
|
||||||
Command Conventions |
|
|
|
|
|
|||||||
|
|
|
|
|
|
Table 1 describes the command syntax used in this guide. |
||||||
|
|
|
|
|
|
Table 1 |
Command Syntax Conventions |
|||||
|
|
|
|
|
|
|
|
|
|
|||
|
|
|
|
|
|
Convention |
|
Description |
||||
|
|
|
|
|
|
|
|
|
|
|||
|
|
|
|
|
|
boldface |
|
Commands and keywords. |
||||
|
|
|
|
|
|
|
|
|
|
|||
|
|
|
|
|
|
italic |
|
Command input that is supplied by you. |
||||
|
|
|
|
|
|
|
|
|
|
|||
|
|
|
|
|
|
[ ] |
|
Optional keywords and default responses to system |
||||
|
|
|
|
|
|
|
|
prompts appear within square brackets. |
||||
|
|
|
|
|
|
|
|
|
|
|||
|
|
|
|
|
|
{x | x | x} |
|
A choice of keywords (represented by x) appears in |
||||
|
|
|
|
|
|
|
|
braces separated by vertical bars. You must select |
||||
|
|
|
|
|
|
|
|
one. |
||||
|
|
|
|
|
|
|
|
|
|
|||
|
|
|
|
|
|
^ or Ctrl |
|
Represents the key labeled Control. For example, |
||||
|
|
|
|
|
|
|
|
when you read ^D or Ctrl-D, you should hold down |
||||
|
|
|
|
|
|
|
|
the Control key while you press the D key. |
||||
|
|
|
|
|
|
|
|
|
||||
|
|
|
|
|
|
screen font |
Examples of information displayed on the screen. |
|||||
|
|
|
|
|
|
|
|
|
||||
|
|
|
|
|
|
boldface screen |
Examples of information that you must enter. |
|||||
|
|
|
|
|
|
font |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide |
|
|
|
|
|
|
|
|
|
|
|
|
|
||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
OL-5332-01 |
|
|
|
|
|
13 |
|
||||
|
|
|
|
|
|
|
||||||
Preface
Related Documents
Related Documents
The following publications provide related information on these routers:
•Cisco 850 Series and Cisco 870 Series Access Routers Cabling and Setup Quick Start Guide
•Cisco 850 Series and Cisco 870 Series Access Routers Hardware Installation Guide
•Cisco Router and Security Device Manager (SDM) Quick Start Guide
•Cisco Access Router Wireless Configuration Guide
•Upgrading Memory in Cisco 800 Series Routers
•Regulatory Compliance and Safety Information for Cisco 800 Series and SOHO Series Routers
•Declarations of Conformity and Regulatory Information for Cisco Access Products with 802.11a/b/g and 802.11b/g Radios
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Subscribe to the What’s New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS Version 2.0.
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
14 |
OL-5332-01 |
|
|
P A R T 1
Getting Started
C H A P T E R 1
Basic Router Configuration
This chapter provides procedures for configuring the basic parameters of your Cisco router, including global parameter settings, routing protocols, interfaces, and command-line access. It also describes the default configuration on startup.
Note Individual router models may not support every feature described throughout this guide. Features not supported by a particular router are indicated whenever possible.
This chapter contains the following sections:
•Interface Port Labels
•Viewing the Default Configuration
•Information Needed for Configuration
•Configuring Basic Parameters
•Configuring Static Routes
•Configuring Dynamic Routes
•Configuring Enhanced IGRP
Each section includes a configuration example and verification steps, as available.
For complete information on how to access global configuration mode, see the “Entering Global Configuration Mode” section in Appendix A, “Cisco IOS Basic Skills.” For more information on the commands used in the following tables, see the Cisco IOS Release 12.3 documentation set.
Interface Port Labels
Table 1-1 lists the interfaces supported for each router and their associated port labels on the equipment.
Table 1-1 Supported Interfaces and Associated Port Labels by Cisco Router
|
|
Router |
|
Interface |
Port Label |
|
|||
|
|
|
|
|
|
|
|||
|
|
Cisco 851 |
|
Fast Ethernet LAN |
LAN (top), FE0–FE3 (bottom) |
||||
|
|
|
|
|
|
|
|||
|
|
|
|
Fast Ethernet WAN |
WAN (top), FE4 (bottom) |
||||
|
|
|
|
|
|
|
|||
|
|
|
|
Wireless LAN |
(no label) |
||||
|
|
|
|
|
|
|
|
|
|
|
|
|
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide |
|
|
|
|
||
|
|
|
|
||||||
|
|
|
|
|
|
|
|
|
|
|
OL-5332-01 |
|
|
|
|
1-1 |
|
||
|
|
|
|
|
|
||||
Chapter 1 Basic Router Configuration
Viewing the Default Configuration
Table 1-1 Supported Interfaces and Associated Port Labels by Cisco Router (continued)
Router |
Interface |
Port Label |
|
|
|
Cisco 871 |
Fast Ethernet LAN |
FE0–FE3 |
|
|
|
|
Fast Ethernet WAN |
FE4 |
|
|
|
|
Wireless LAN |
LEFT, RIGHT/PRIMARY |
|
|
|
|
USB |
1–0 |
|
|
|
Cisco 857 |
Fast Ethernet LAN |
LAN (top), FE0–FE3 (bottom) |
|
|
|
|
ATM WAN |
ADSLoPOTS |
|
|
|
|
Wireless LAN |
(no label) |
|
|
|
Cisco 876 |
Fast Ethernet LAN |
LAN (top), FE0–FE3 (bottom) |
|
|
|
|
ATM WAN |
ADSLoISDN |
|
|
|
|
Wireless LAN |
LEFT, RIGHT/PRIMARY |
|
|
|
|
BRI |
ISDN S/T |
|
|
|
Cisco 877 |
Fast Ethernet LAN |
LAN (top), FE0–FE3 (bottom) |
|
|
|
|
ATM WAN |
ADSLoPOTS |
|
|
|
|
Wireless LAN |
LEFT, RIGHT/PRIMARY |
|
|
|
Cisco 878 |
Fast Ethernet LAN |
FE0–FE3 |
|
|
|
|
ATM WAN |
G.SHDSL |
|
|
|
|
Wireless LAN |
LEFT, RIGHT/PRIMARY |
|
|
|
|
BRI |
ISDN S/T |
|
|
|
Viewing the Default Configuration
|
|
|
When you first boot up your Cisco router, some basic configuration has already been performed. All of |
|
|
|
|
the LAN and WAN interfaces have been created, console and VTY ports are configured, and the inside |
|
|
|
|
interface for Network Address Translation has been assigned. Use the show running-config command |
|
|
|
|
to view the initial configuration, as shown in Example 1-1. |
|
|
|
|
Example 1-1 Cisco 851 Default Configuration on Startup |
|
|
|
|
Router# show running-config |
|
|
|
|
Building configuration... |
|
|
|
|
Current configuration : 1090 bytes |
|
|
|
! |
|
|
|
|
|
version 12.3 |
|
|
|
|
no service pad |
|
|
|
|
service timestamps debug datetime msec |
|
|
|
|
service timestamps log datetime msec |
|
|
|
|
no service password-encryption |
|
|
|
! |
|
|
|
|
|
hostname Router |
|
|
|
! |
|
|
|
|
|
boot-start-marker |
|
|
|
|
boot-end-marker |
|
|
|
! |
|
|
|
|
|
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide |
|
|
|
|
||
|
|
|
|
|
|
1-2 |
|
OL-5332-01 |
|
|
|
|
||
Chapter 1 Basic Router Configuration
Viewing the Default Configuration
no aaa new-model ip subnet-zero
!
ip cef
ip ips po max-events 100 no ftp-server write-enable
!
interface FastEthernet0 no ip address
shutdown
!
interface FastEthernet1 no ip address
shutdown
!
interface FastEthernet2 no ip address
shutdown
!
interface FastEthernet3 no ip address
shutdown
!
interface FastEthernet4 no ip address
duplex auto speed auto
!
interface Dot11Radio0 no ip address shutdown
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
rts threshold 2312 station-role root
!
interface Vlan1 no ip address
!
ip classless
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
no modem enable
transport |
preferred all |
transport |
output all |
line aux 0 |
|
transport |
preferred all |
transport |
output all |
line vty 0 |
4 |
login |
|
transport |
preferred all |
transport |
input all |
transport |
output all |
! |
|
end |
|
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
|
OL-5332-01 |
1-3 |
|
|
|
Chapter 1 Basic Router Configuration
Information Needed for Configuration
Information Needed for Configuration
You need to gather some or all of the following information, depending on your planned network scenario, prior to configuring your network
•If you are setting up an Internet connection, gather the following information:
–Point-to-Point Protocol (PPP) client name that is assigned as your login name
–PPP authentication type: Challenge Handshake Authentication Protocol (CHAP) or Password Authentication Protocol (PAP)
–PPP password to access your Internet service provider (ISP) account
–DNS server IP address and default gateways
•If you are setting up a connection to a corporate network, you and the network administrator must generate and share the following information for the WAN interfaces of the routers:
–PPP authentication type: CHAP or PAP
–PPP client name to access the router
–PPP password to access the router
•If you are setting up IP routing:
–Generate the addressing scheme for your IP network.
–Determine the IP routing parameter information, including IP address, and ATM permanent virtual circuits (PVCs). These PVC parameters are typically virtual path identifier (VPI), virtual circuit identifier (VCI), and traffic shaping parameters.
–Determine the number of PVCs that your service provider has given you, along with their VPIs and VCIs.
–For each PVC determine the type of AAL5 encapsulation supported. It can be one of the following:
AAL5SNAP—This can be either routed RFC 1483 or bridged RFC 1483. For routed RFC 1483, the service provider must provide you with a static IP address. For bridged RFC 1483, you may use DHCP to obtain your IP address, or you may obtain a static IP address from your service provider.
AAL5MUX PPP—With this type of encapsulation, you need to determine the PPP-related configuration items.
•If you plan to connect over an ADSL or G.SHDSL line:
–Order the appropriate line from your public telephone service provider.
For ADSL lines—Ensure that the ADSL signaling type is DMT (also called ANSI T1.413) or DMT Issue 2.
For G.SHDSL lines—Verify that the G.SHDSL line conforms to the ITU G.991.2 standard and supports Annex A (North America) or Annex B (Europe).
Once you have collected the appropriate information, you can perform a full configuration on your router, beginning with the tasks in the “Configuring Basic Parameters” section.
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
1-4 |
OL-5332-01 |
|
|
Chapter 1 Basic Router Configuration
Configuring Basic Parameters
Configuring Basic Parameters
To configure the router, perform one or more of these tasks:
•Configure Global Parameters
•Configure Fast Ethernet LAN Interfaces
•Configure WAN Interfaces
•Configuring a Loopback Interface
•Configuring Command-Line Access to the Router
A configuration example is presented with each task to show the network configuration following completion of that task.
Configure Global Parameters
Perform these steps to configure selected global parameters for your router:
|
Command |
Purpose |
Step 1 |
|
|
configure terminal |
Enters global configuration mode, when using the |
|
|
|
console port. |
|
Example: |
If you are connecting to the router using a remote |
|
|
|
|
Router> enable |
terminal, use the following: |
|
Router# configure terminal |
|
|
Router(config)# |
telnet router name or address |
|
|
Login: login id |
|
|
Password: ********* |
|
|
Router> enable |
Step 2 |
|
|
hostname name |
Specifies the name for the router. |
|
|
Example: |
|
|
Router(config)# hostname Router |
|
|
Router(config)# |
|
Step 3 |
|
|
enable secret password |
Specifies an encrypted password to prevent |
|
|
|
unauthorized access to the router. |
|
Example: |
|
|
Router(config)# enable secret cr1ny5ho |
|
|
Router(config)# |
|
Step 4 |
|
|
no ip domain-lookup |
Disables the router from translating unfamiliar |
|
|
|
words (typos) into IP addresses. |
|
Example: |
|
|
Router(config)# no ip domain-lookup |
|
|
Router(config)# |
|
|
|
|
For complete information on the global parameter commands, see the Cisco IOS Release 12.3 documentation set.
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
|
OL-5332-01 |
1-5 |
|
|
|
Chapter 1 Basic Router Configuration
Configuring Basic Parameters
Configure Fast Ethernet LAN Interfaces
The Fast Ethernet LAN interfaces on your router are automatically configured as part of the default VLAN and as such, they are not configured with individual addresses. Access is afforded through the VLAN. You may assign the interfaces to other VLANs if desired. For more information about creating VLANs, see Chapter 5, “Configuring a LAN with DHCP and VLANs.”
Configure WAN Interfaces
The Cisco 851 and Cisco 871 routers each have one Fast Ethernet interface for WAN connection. The Cisco 857, Cisco 877, and Cisco 878 routers each have one ATM interface for WAN connection.
Based on the router model you have, configure the WAN interface(s) using one of the following procedures:
•Configure the Fast Ethernet WAN Interface
•Configure the ATM WAN Interface
Configure the Fast Ethernet WAN Interface
This procedure applies only to the Cisco 851 and Cisco 871 router models. Perform these steps to configure the Fast Ethernet interface, beginning in global configuration mode:
|
Command |
Purpose |
Step 1 |
|
|
interface type number |
Enters the configuration mode for a Fast |
|
|
|
Ethernet WAN interface on the router. |
|
Example: |
|
|
Router(config)# interface fastethernet 4 |
|
|
Router(config-int)# |
|
Step 2 |
|
|
ip address ip-address mask |
Sets the IP address and subnet mask for the |
|
|
|
specified Fast Ethernet interface. |
|
Example: |
|
|
Router(config-int)# ip address 192.168.12.2 |
|
|
255.255.255.0 |
|
|
Router(config-int)# |
|
Step 3 |
|
|
no shutdown |
Enables the Ethernet interface, changing its |
|
|
|
state from administratively down to |
|
Example: |
administratively up. |
|
Router(config-int)# no shutdown |
|
|
Router(config-int)# |
|
Step 4 |
|
|
exit |
Exits configuration mode for the Fast Ethernet |
|
|
|
interface and returns to global configuration |
|
Example: |
mode. |
|
Router(config-int)# exit |
|
|
Router(config)# |
|
|
|
|
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
1-6 |
OL-5332-01 |
|
|
Chapter 1 Basic Router Configuration
Configuring Basic Parameters
Configure the ATM WAN Interface
This procedure applies only to the Cisco 857, Cisco 876, Cisco 877 and Cisco 878 models.
Perform these steps to configure the ATM interface, beginning in global configuration mode:
|
Command |
Purpose |
Step 1 |
|
|
For the Cisco 878 model only: |
For routers using the G.SHDSL signaling, perform |
|
|
controller dsl 0 |
these commands. Ignore this step for routers using |
|
ADSL signaling. |
|
|
mode atm |
|
|
|
|
|
exit |
|
|
Example: |
|
|
Router(config)# controller dsl 0 |
|
|
Router(config-controller)# mode atm |
|
|
Router(config-controller)# exit |
|
|
Router(config)# |
|
Step 2 |
|
|
interface type number |
Identifies and enters the configuration mode for an |
|
|
|
ATM interface. |
|
Example: |
|
|
Router(config)# interface atm0 |
|
|
Router(config-int)# |
|
Step 3 |
|
|
ip address ip-address mask |
Sets the IP address and subnet mask for the ATM |
|
|
|
interface. |
|
Example: |
|
|
Router(config-int)# ip address 10.10.10.100 |
|
|
255.255.255.0 |
|
|
Router(config-int)# |
|
Step 4 |
|
|
no shutdown |
Enables the ATM 0 interface. |
|
|
Example: |
|
|
Router(config-int)# no shutdown |
|
|
Router(config-int)# |
|
Step 5 |
|
|
exit |
Exits configuration mode for the ATM interface |
|
|
|
and returns to global configuration mode. |
|
Example: |
|
|
Router(config-int)# exit |
|
|
Router(config)# |
|
|
|
|
Configure the Wireless Interface
The wireless interface enables connection to the router through a wireless LAN connection. For more information about configuring a wireless connection, see Chapter 9, “Configuring a Wireless LAN Connection,” and the Cisco Access Router Wireless Configuration Guide.
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
|
OL-5332-01 |
1-7 |
|
|
|
Chapter 1 Basic Router Configuration
Configuring Basic Parameters
Configuring a Loopback Interface
The loopback interface acts as a placeholder for the static IP address and provides default routing information.
For complete information on the loopback commands, see the Cisco IOS Release 12.3 documentation set.
Perform these steps to configure a loopback interface:
|
Command |
Purpose |
Step 1 |
|
|
interface type number |
Enters configuration mode for the loopback |
|
|
|
interface. |
|
Example: |
|
|
Router(config)# interface Loopback 0 |
|
|
Router(config-int)# |
|
Step 2 |
|
|
ip address ip-address mask |
Sets the IP address and subnet mask for the |
|
|
|
loopback interface. |
|
Example: |
|
|
Router(config-int)# ip address 10.108.1.1 |
|
|
255.255.255.0 |
|
|
Router(config-int)# |
|
Step 3 |
|
|
exit |
Exits configuration mode for the loopback |
|
|
|
interface and returns to global configuration |
|
Example: |
mode. |
|
Router(config-int)# exit |
|
|
Router(config)# |
|
|
|
|
Configuration Example
The loopback interface in this sample configuration is used to support Network Address Translation (NAT) on the virtual-template interface. This configuration example shows the loopback interface configured on the Fast Ethernet interface with an IP address of 10.10.10.100/24, which acts as a static IP address. The loopback interface points back to virtual-template1, which has a negotiated IP address.
!
interface loopback 0
ip address 10.10.10.100 255.255.255.0 (static IP address) ip nat outside
!
interface Virtual-Template1 ip unnumbered loopback0
no ip directed-broadcast ip nat outside
!
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
1-8 |
OL-5332-01 |
|
|
Chapter 1 Basic Router Configuration
Configuring Basic Parameters
Verifying Your Configuration
To verify that you have properly configured the loopback interface, enter the show interface loopback command. You should see verification output similar to the following example.
Router# show interface loopback 0
Loopback0 is up, line protocol is up Hardware is Loopback
Internet address is 10.10.10.100/24
MTU 1514 bytes, BW 8000000 Kbit, DLY 5000 usec, reliability 255/255, txload 1/255, rxload 1/255
Encapsulation LOOPBACK, loopback not set
Last input never, output never, output hang never Last clearing of "show interface" counters never Queueing strategy: fifo
Output queue 0/0, 0 drops; input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
Another way to verify the loopback interface is to ping it:
Router# ping 10.10.10.100
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.100, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
Configuring Command-Line Access to the Router
Perform these steps to configure parameters to control access to the router, beginning in global configuration mode.
|
Command |
Purpose |
Step 1 |
|
|
line [aux | console | tty | vty] line-number |
Enters line configuration mode, and specifies the |
|
|
|
type of line. |
|
Example: |
This example specifies a console terminal for |
|
|
|
|
Router(config)# line console 0 |
access. |
|
Router(config)# |
|
Step 2 |
|
|
password password |
Specifies a unique password for the console |
|
|
|
terminal line. |
|
Example: |
|
|
Router(config)# password 5dr4Hepw3 |
|
|
Router(config)# |
|
|
|
|
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
|
OL-5332-01 |
1-9 |
|
|
|
Chapter 1 Basic Router Configuration
Configuring Basic Parameters
|
Command |
Purpose |
Step 3 |
|
|
login |
Enables password checking at terminal session |
|
|
|
login. |
|
Example: |
|
|
Router(config)# login |
|
|
Router(config)# |
|
Step 4 |
|
|
exec-timeout minutes [seconds] |
Sets the interval that the EXEC command |
|
|
|
interpreter waits until user input is detected. The |
|
Example: |
default is 10 minutes. Optionally, add seconds to |
|
Router(config)# exec-timeout 5 30 |
the interval value. |
|
Router(config)# |
This example shows a timeout of 5 minutes and |
|
|
|
|
|
30 seconds. Entering a timeout of 0 0 specifies |
|
|
never to time out. |
Step 5 |
|
|
line [aux | console | tty | vty] line-number |
Specifies a virtual terminal for remote console |
|
|
|
access. |
|
Example: |
|
|
Router(config)# line vty 0 4 |
|
|
Router(config)# |
|
Step 6 |
|
|
password password |
Specifies a unique password for the virtual |
|
|
|
terminal line. |
|
Example: |
|
|
Router(config)# password aldf2ad1 |
|
|
Router(config)# |
|
Step 7 |
|
|
login |
Enables password checking at the virtual terminal |
|
|
|
session login. |
|
Example: |
|
|
Router(config)# login |
|
|
Router(config)# |
|
Step 8 |
|
|
end |
Exits line configuration mode, and returns to |
|
|
|
privileged EXEC mode. |
|
Example: |
|
|
Router(config)# end |
|
|
Router# |
|
|
|
|
For complete information about the command line commands, see the Cisco IOS Release 12.3 documentation set.
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
1-10 |
OL-5332-01 |
|
|
Chapter 1 Basic Router Configuration
Configuring Static Routes
Configuration Example
The following configuration shows the command-line access commands.
You do not need to input the commands marked “default.” These commands appear automatically in the configuration file generated when you use the show running-config command.
!
line con 0 exec-timeout 10 0 password 4youreyesonly login
transport input none (default) stopbits 1 (default)
line vty 0 4 password secret login
!
Configuring Static Routes
Static routes provide fixed routing paths through the network. They are manually configured on the router. If the network topology changes, the static route must be updated with a new route. Static routes are private routes unless they are redistributed by a routing protocol. Configuring static routes on the Cisco 850 and Cisco 870 series routers is optional.
Perform these steps to configure static routes, beginning in global configuration mode:
|
Command |
|
Purpose |
Step 1 |
|
|
|
ip route prefix mask {ip-address | interface-type |
Specifies the static route for the IP packets. |
||
|
interface-number [ip-address]} |
For details about this command and additional |
|
|
|
|
|
|
Example: |
|
parameters that can be set, see the Cisco IOS IP |
|
|
Command Reference, Volume 2 of 4: Routing |
|
|
|
|
|
|
Router(config)# ip route 192.168.1.0 |
Protocols. |
|
|
255.255.0.0 |
10.10.10.2 |
|
|
Router(config)# |
|
|
Step 2 |
|
|
|
end |
|
Exits router configuration mode, and enters |
|
|
|
|
privileged EXEC mode. |
|
Example: |
|
|
|
Router(config)# end |
|
|
|
Router# |
|
|
|
|
|
|
For complete information on the static routing commands, see the Cisco IOS Release 12.3 documentation set. For more general information on static routing, see Appendix B, “Concepts.”
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
|
OL-5332-01 |
1-11 |
|
|
|
Chapter 1 Basic Router Configuration
Configuring Dynamic Routes
Configuration Example
In the following configuration example, the static route sends out all IP packets with a destination IP address of 192.168.1.0 and a subnet mask of 255.255.255.0 on the Fast Ethernet interface to another device with an IP address of 10.10.10.2. Specifically, the packets are sent to the configured PVC.
You do not need to enter the commands marked “(default).” These commands appear automatically in the configuration file generated when you use the show running-config command.
!
ip classless (default)
ip route 192.168.1.0 255.255.255.0 10.10.10.2!
Verifying Your Configuration
To verify that you have properly configured static routing, enter the show ip route command and look for static routes signified by the “S.”
You should see verification output similar to the following example.
Router# show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/24 is subnetted, 1 subnets
C 10.108.1.0 is directly connected, Loopback0 S* 0.0.0.0/0 is directly connected, FastEthernet0
Configuring Dynamic Routes
In dynamic routing, the network protocol adjusts the path automatically, based on network traffic or topology. Changes in dynamic routes are shared with other routers in the network.
The Cisco routers can use IP routing protocols, such as Routing Information Protocol (RIP) or Enhanced Interior Gateway Routing Protocol (EIGRP), to learn routes dynamically. You can configure either of these routing protocols on your router.
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
1-12 |
OL-5332-01 |
|
|
Chapter 1 Basic Router Configuration
Configuring Dynamic Routes
Configuring RIP
Perform these steps to configure the RIP routing protocol on the router, beginning in global configuration mode:
|
Command |
Task |
Step 1 |
|
|
router rip |
Enters router configuration mode, and enables RIP |
|
|
|
on the router. |
|
Example: |
|
|
Router> configure terminal |
|
|
Router(config)# router rip |
|
|
Router(config-router)# |
|
Step 2 |
|
|
version {1 | 2} |
Specifies use of RIP version 1 or 2. |
|
|
Example: |
|
|
Router(config-router)# version 2 |
|
|
Router(config-router)# |
|
Step 3 |
|
|
network ip-address |
Specifies a list of networks on which RIP is to be |
|
|
|
applied, using the address of the network of |
|
Example: |
directly connected networks. |
|
Router(config-router)# network 192.168.1.1 |
|
|
Router(config-router)# network 10.10.7.1 |
|
|
Router(config-router)# |
|
Step 4 |
|
|
no auto-summary |
Disables automatic summarization of subnet routes |
|
|
|
into network-level routes. This allows subprefix |
|
Example: |
routing information to pass across classful network |
|
Router(config-router)# no auto-summary |
boundaries. |
|
Router(config-router)# |
|
Step 5 |
|
|
end |
Exits router configuration mode, and enters |
|
|
|
privileged EXEC mode. |
|
Example: |
|
|
Router(config-router)# end |
|
|
Router# |
|
|
|
|
For complete information on the dynamic routing commands, see the Cisco IOS Release 12.3 documentation set. For more general information on RIP, see Appendix B, “Concepts.”
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
|
OL-5332-01 |
1-13 |
|
|
|
Chapter 1 Basic Router Configuration
Configuring Enhanced IGRP
Configuration Example
The following configuration example shows RIP version 2 enabled in IP network 10.0.0.0 and 192.168.1.0.
Execute the show running-config command from privileged EXEC mode to see this configuration.
!
router rip version 2 network 10.0.0.0
network 192.168.1.0 no auto-summary
!
Verifying Your Configuration
To verify that you have properly configured RIP, enter the show ip route command and look for RIP routes signified by “R.” You should see a verification output like the example shown below.
Router# show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/24 is subnetted, 1 subnets
C 10.108.1.0 is directly connected, Loopback0
R 3.0.0.0/8 [120/1] via 2.2.2.1, 00:00:02, Ethernet0/0
Configuring Enhanced IGRP
Perform these steps to configure Enhanced IGRP (EIGRP), beginning in global configuration mode:
|
Command |
Purpose |
Step 1 |
|
|
router eigrp as-number |
Enters router configuration mode, and enables |
|
|
|
EIGRP on the router. The autonomous-system |
|
Example: |
number identifies the route to other EIGRP routers |
|
Router(config)# router eigrp 109 |
and is used to tag the EIGRP information. |
|
Router(config)# |
|
|
|
|
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
1-14 |
OL-5332-01 |
|
|
Loading...