Cisco 1812W - Integrated Services Router Wireless Configuration Manual
  1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Wireless Router
  5. 1812W - Integrated Services Router Wireless
  6. Configuration manual

Cisco 1812W - Integrated Services Router Wireless Configuration Manual

1800 series integrated services routers
Hide thumbs Also See for 1812W - Integrated Services Router Wireless:
Table of Contents

Quick Links

Cisco 1800 Series Integrated Services
Routers (Fixed) Software Configuration
Guide
Corporate Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 526-4100
Text Part Number: OL-6426-02
Table of Contents
loading

Related Manuals for Cisco 1812W - Integrated Services Router Wireless

Summary of Contents for Cisco 1812W - Integrated Services Router Wireless

  • Page 1 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide Corporate Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 526-4100 Text Part Number: OL-6426-02...
  • Page 2 OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. CCSP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.;...

  • Page 3: Table Of Contents

    Configuring Basic Parameters Configure Global Parameters Configure Fast Ethernet LAN Interfaces Configure WAN Interfaces Configure the Fast Ethernet WAN Interface Configure the ATM WAN Interface Configure the Wireless Interface Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 4 Configure the ATM WAN Interface Configure DSL Signaling Protocol Configuring ADSL Verify the Configuration Configuring SHDSL Verify the Configuration Configure Network Address Translation Configuration Example Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration GuideCisco 1800 Series Integrated Services Routers (Fixed) OL-6426-02...
  • Page 5 Configuring VPNs Using an IPSec Tunnel and Generic Routing Encapsulation C H A P T E R Configure a VPN Configure the IKE Policy Configure Group Policy Information Enable Policy Lookup Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 6 Configuring Cisco IOS Firewall IDS Configuring VPNs Configuring Dial Backup and Remote Management C H A P T E R Dial Backup Feature Activation Methods Backup Interfaces Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration GuideCisco 1800 Series Integrated Services Routers (Fixed) OL-6426-02...
  • Page 7 Change the Configuration Register Reset the Router Reset the Password and Save Your Changes Reset the Configuration Register Value Managing Your Router with SDM Reference Information P A R T Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 8 PPP Authentication Protocols CHAP TACACS+ Network Interfaces Ethernet Dialer Interface Dial Backup Backup Interface Floating Static Routes Dialer Watch Easy IP (Phase 1) Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration GuideCisco 1800 Series Integrated Services Routers (Fixed) OL-6426-02...
  • Page 9 Changing the Configuration Register Using Prompts Console Download Command Description Error Reporting Debug Commands Exiting the ROM Monitor Common Port Assignments A P P E N D I X N D E X Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 10 Contents Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration GuideCisco 1800 Series Integrated Services Routers (Fixed) OL-6426-02...

  • Page 11: Preface

    You can use this guide in the following situations: • You have configured the software by using the Cisco Router Web Setup tool, and you want to configure additional advanced software features by using the command-line interface (CLI). •...

  • Page 12: Organization

    Chapter 6 Configuring a VPN Using Easy VPN and an Provides instructions on how to configure a virtual private IPSec Tunnel network (VPN) with a secure IP tunnel using the Cisco Easy VPN. Chapter 7 Configuring VPNs Using an IPSec Tunnel...

  • Page 13: Conventions

    Optional keywords and default responses to system prompts appear within square brackets. {x | x | x} A choice of keywords (represented by x) appears in braces separated by vertical bars. You must select one. Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...

  • Page 14: Related Documents

    Cisco IOS software release installed on your router. Obtaining Documentation Cisco documentation and additional literature are available on Cisco.com. Cisco also provides several ways to obtain technical assistance and other technical resources. These sections explain how to obtain technical information from Cisco Systems.

  • Page 15: Cisco.com

    Documentation DVD Cisco documentation and additional literature are available in a Documentation DVD package, which may have shipped with your product. The Documentation DVD is updated regularly and may be more current than printed documentation. The Documentation DVD package is available as a single unit.

  • Page 16: Documentation Feedback

    Register to receive security information from Cisco. • A current list of security advisories and notices for Cisco products is available at this URL: http://www.cisco.com/go/psirt If you prefer to see advisories and notices as they are updated in real time, you can access a Product Security Incident Response Team Really Simple Syndication (PSIRT RSS) feed from this URL: http://www.cisco.com/en/US/products/products_psirt_rss_feed.html...

  • Page 17: Obtaining Technical Assistance

    Cisco TAC engineer. The TAC Service Request Tool is located at this URL: http://www.cisco.com/techsupport/servicerequest For S1 or S2 service requests or if you do not have Internet access, contact the Cisco TAC by telephone. (S1 or S2 service requests are those in which your production network is down or severely degraded.) Cisco TAC engineers are assigned immediately to S1 and S2 service requests to help keep your business operations running smoothly.

  • Page 18: Definitions Of Service Request Severity

    Definitions of Service Request Severity To ensure that all service requests are reported in a standard format, Cisco has established severity definitions. Severity 1 (S1)—Your network is “down,” or there is a critical impact to your business operations. You and Cisco will commit all necessary resources around the clock to resolve the situation.
  • Page 19 Preface Obtaining Additional Publications and Information iQ Magazine is the quarterly publication from Cisco Systems designed to help growing companies • learn how they can use technology to increase revenue, streamline their business, and expand services. The publication identifies the challenges facing these companies and the technologies to help solve them, using real-world case studies and business strategies to help readers make sound technology investment decisions.
  • Page 20 Preface Obtaining Additional Publications and Information Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...

  • Page 21: Getting Started

    A R T Getting Started...

  • Page 23: Chapter 1 Basic Router Configuration

    C H A P T E R Basic Router Configuration This chapter provides procedures for configuring the basic parameters of your Cisco router, including global parameter settings, routing protocols, interfaces, and command-line access. It also describes the default configuration on startup. Note that individual router models may not support every feature described throughout this guide.

  • Page 24: Viewing The Default Configuration

    1–0 Viewing the Default Configuration When you first boot up your Cisco router, some basic configuration has already been performed. All of the LAN and WAN interfaces have been created, console and VTY ports are configured, and the inside interface for Network Address Translation has been assigned. Use the show running-config command...
  • Page 25 FastEthernet3 no ip address shutdown interface FastEthernet4 no ip address shutdown interface FastEthernet5 no ip address shutdown interface FastEthernet6 no ip address shutdown interface FastEthernet7 no ip address shutdown Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...

  • Page 26: Information Needed For Configuration

    Determine the number of PVCs that your service provider has given you, along with their VPIs – and VCIs. For each PVC determine the type of AAL5 encapsulation supported. It can be one of the – following: Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...

  • Page 27: Configuring Basic Parameters

    Configuring a Loopback Interface • Configuring Command-Line Access to the Router A configuration example is presented with each task to show the network configuration following completion of that task. Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...

  • Page 28: Configure Global Parameters

    Example: Router(config)# no ip domain-lookup Router(config)# For complete information on the global parameter commands, see the Cisco IOS Release 12.3 documentation set. Configure Fast Ethernet LAN Interfaces The Fast Ethernet LAN interfaces on your router are automatically configured as part of the default VLAN and as such, they are not configured with individual addresses.

  • Page 29: Configure Wan Interfaces

    Configure the ATM WAN Interface • Configure the Fast Ethernet WAN Interface This procedure applies only to the Cisco 1811 and Cisco 1812 router models. Perform these steps to configure the Fast Ethernet interfaces, beginning in global configuration mode. Command...

  • Page 30: Configure The Atm Wan Interface

    Basic Router Configuration Configuring Basic Parameters Configure the ATM WAN Interface This procedure applies only to the Cisco 1801, Cisco 1802, and Cisco 1803 models. Perform these steps to configure the ATM interface, beginning in global configuration mode: Command Purpose...

  • Page 31: Configure The Wireless Interface

    The loopback interface acts as a placeholder for the static IP address and provides default routing information. For complete information on the loopback commands, see the Cisco IOS Release 12.3 documentation set. Perform these steps to configure a loopback interface:...

  • Page 32: Verifying Your Configuration

    This example specifies a console terminal for Router(config)# line console 0 access. Router(config)# Step 2 password password Specifies a unique password for the console terminal line. Example: Router(config)# password 5dr4Hepw3 Router(config)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 1-10 OL-6426-02...
  • Page 33 Exits line configuration mode, and returns to privileged EXEC mode. Example: Router(config)# end Router# For complete information about the command line commands, see the Cisco IOS Release 12.3 documentation set. Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 1-11 OL-6426-02...

  • Page 34: Configuration Example

    Example: Router(config)# end Router# For complete information on the static routing commands, see the Cisco IOS Release 12.3 documentation set. For more general information on static routing, see Appendix B, “Concepts.” Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide...

  • Page 35: Configuration Example

    Changes in dynamic routes are shared with other routers in the network. The Cisco routers can use IP routing protocols, such as Routing Information Protocol (RIP) or Enhanced Interior Gateway Routing Protocol (EIGRP), to learn routes dynamically. You can configure either of these routing protocols on your router.

  • Page 36: Configuring Rip

    Example: Router(config-router)# end Router# For complete information on the dynamic routing commands, see the Cisco IOS Release 12.3 documentation set. For more general information on RIP, see Appendix B, “Concepts.” Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide...

  • Page 37: Configuration Example

    EIGRP on the router. The autonomous-system number identifies the route to other EIGRP routers Example: and is used to tag the EIGRP information. Router(config)# router eigrp 109 Router(config)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 1-15 OL-6426-02...

  • Page 38: Configuration Example

    EXEC mode. Example: Router(config-router)# end Router# For complete information on the IP EIGRP commands, see the Cisco IOS Release 12.3 documentation set. For more general information on EIGRP concepts, see Appendix B, “Concepts.” Configuration Example The following configuration example shows the EIGRP routing protocol enabled in IP networks 192.145.1.0 and 10.10.12.115.

  • Page 39: Configuring Your Router For Ethernet And Dsl Access

    A R T Configuring Your Router for Ethernet and DSL Access...

  • Page 41: Chapter 2 Sample Network Deployments

    The Cisco 1811 and Cisco 1812 router models can be used in the Ethernet-based scenarios and the Cisco 1801, Cisco 1802, and Cisco 1803 router models can be used in the DSL-based scenarios.
  • Page 42 Chapter 2 Sample Network Deployments Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...

  • Page 43: Configuring Ppp Over Ethernet With Nat

    Point at which NAT occurs Fast Ethernet WAN interface (outside interface for NAT) Cable modem or other server (for example, a Cisco 6400 server) that is connected to the Internet PPPoE session between the client and a PPPoE server Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide...

  • Page 44: Configure The Virtual Private Dialup Network Group Number

    Ethernet interface, but each session must use a separate dialer interface and a separate dialer pool. A PPPoE session is initiated on the client side by the Cisco 1800 series router. An established PPPoE client session can be terminated in one of two ways: By entering the clear vpdn tunnel pppoe command.

  • Page 45: Configure The Fast Ethernet Wan Interfaces

    Router(config)# Configure the Fast Ethernet WAN Interfaces In this scenario, the PPPoE client (your Cisco router) communicates over a 10/100-Mbps Ethernet interface on both the inside and the outside. The Cisco 1800 series integrated services fixed-configuration routers have a hardware limitation on the Note Fast Ethernet ports FE0 and FE1.
  • Page 46 Example: Router(config-if)# no shutdown Router(config-if)# Step 4 exit Exits configuration mode for the Fast Ethernet interface and returns to global configuration mode. Example: Router(config-if)# exit Router(config)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...

  • Page 47: Configure The Dialer Interface

    Cisco IOS Router(config-if)# Security Command Reference. Step 6 dialer pool number Specifies the dialer pool to use to connect to a specific destination subnetwork. Example: Router(config-if)# dialer pool 1 Router(config-if)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 48 For details about this command and additional Example: parameters that can be set, see the Cisco IOS IP Router(config)# ip route 10.10.25.2 Command Reference, Volume 2; Routing 0.255.255.255 dialer 0 Protocols. Router(config)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...

  • Page 49: Configure Network Address Translation

    Router(config-if)# ip nat inside parameters that can be set, as well as information Router(config-if)# about enabling static translation, see the Cisco IOS IP Command Reference, Volume 1 of 4: Addressing and Services. Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 50 If you want to use NAT with a virtual-template interface, you must configure a loopback interface. See Note Chapter 1, “Basic Router Configuration,” for information on configuring a loopback interface. Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...

  • Page 51: Configuration Example

    Chapter 3 Configuring PPP over Ethernet with NAT Configuration Example For complete information on the NAT commands, see the Cisco IOS Release 12.3 documentation set. For more general information on NAT concepts, see Appendix B, “Concepts.” Configuration Example The following configuration example shows a portion of the configuration file for the PPPoE scenario described in this chapter.

  • Page 52: Verifying Your Configuration

    Misses: 0 CEF Translated packets: 0, CEF Punted packets: 0 Expired translations: 0 Dynamic mappings: -- Inside Source [Id: 1] access-list 1 interface Dialer0 refcount 0 Queued Packets: 0 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 3-10 OL-6426-02...

  • Page 53: Chapter 4 Configuring Ppp Over Atm With Nat

    Figure 4-1 shows a typical deployment scenario with a PPPoA client and NAT configured on the Cisco router. This scenario uses a single static IP address for the ATM connection. Figure 4-1 PPP over ATM with NAT Small business with multiple networked devices—desktops, laptop PCs, switches...
  • Page 54 A PPPoA session is initiated on the client side by the Cisco 1800 series router. NAT (represented as the dashed line at the edge of the Cisco router) signifies two addressing domains and the inside source address. The source list defines how the packet travels through the network.

  • Page 55: Configure The Dialer Interface

    Cisco IOS Security Command Reference. Step 6 dialer pool number Specifies the dialer pool to use to connect to a specific destination subnetwork. Example: Router(config-if)# dialer pool 1 Router(config-if)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 56 Cisco IOS IP Router(config)# ip route 10.10.25.0 Command Reference, Volume 1 of 4: Routing 255.255.255.0 dialer 0 Protocols. Router(config)# Repeat these steps for any additional dialer interfaces or dialer pools needed. Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...

  • Page 57: Configure The Atm Wan Interface

    Specifies the ATM interface as a member of a dialer profile dialing pool. The pool number must be in the range of 1–255. Example: Router(config-if-atm-vc)# dialer pool-member 1 Router(config-if-atm-vc)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...

  • Page 58: Configure Dsl Signaling Protocol

    Router(config)# Configure DSL Signaling Protocol DSL signaling must be configured on the ATM interface for connection to your ISP. The Cisco 1801 supports ADSL signaling over POTS, the Cisco 1802 supports ADSL signaling over ISDN, and the Cisco 1803 supports SHDSL signaling.

  • Page 59: Verify The Configuration

    • dsl enable-training-log • See the Cisco IOS Wide-Area Networking Command Reference for details of these commands. Verify the Configuration You can verify that the configuration is set the way you want using the show dsl interface atm 0 command from privileged EXEC mode.

  • Page 60: Verify The Configuration

    Example: Router(config-controller)# exit Router(config)# If you are integrating your Cisco router into a European network, please use one of the following Note commands: For CO mode, use the dsl dsl-mode shdsl symmetric annex {A | B | B-ANFP} command to choose annex B or B-ANFP.

  • Page 61: Configure Network Address Translation

    You can configure NAT for either static or dynamic address translations. Perform these steps to configure the outside ATM WAN interface with dynamic NAT, beginning in global configuration mode: Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 62 Enables the configuration changes just made to the Ethernet interface. Example: Router(config-if)# no shutdown Router(config-if)# Step 6 exit Exits configuration mode for the Fast Ethernet interface. Example: Router(config-if)# exit Router(config)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 4-10 OL-6426-02...

  • Page 63: Configuration Example

    Note Chapter 1, “Basic Router Configuration,” for information on configuring the loopback interface. For complete information on NAT commands, see the Cisco IOS Release 12.3 documentation set. For more general information on NAT concepts, see Appendix B, “Concepts.” Configuration Example The following configuration example shows a portion of the configuration file for a client in the PPPoA scenario described in this chapter.

  • Page 64: Verifying Your Configuration

    Misses: 0 CEF Translated packets: 0, CEF Punted packets: 0 Expired translations: 0 Dynamic mappings: -- Inside Source [Id: 1] access-list 1 interface Dialer0 refcount 0 Queued Packets: 0 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 4-12 OL-6426-02...

  • Page 65: Chapter 5 Configuring A Lan With Dhcp And Vlans

    Whenever you change server properties, you must reload the server with the configuration data from the Note Network Registrar database. VLANs The Cisco 1800 series integrated services routers (fixed) support eight Fast Ethernet ports on which you can configure VLANs. See the “Switch Port Configurations” section on page 5-7 for a description of the interfaces and features that can be configured on the switch ports and a link to a document containing the configuration procedures.

  • Page 66: Configure Dhcp

    Router(config)# ip dhcp pool dpool1 Router(config-dhcp)# Step 5 network network-number [mask | prefix-length] Defines subnet number (IP) address for the DHCP address pool, optionally including the mask. Example: Router(config-dhcp)# network 10.10.0.0 255.255.255.0 Router(config-dhcp)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-03...

  • Page 67: Configuration Example

    192.168.9.0 ip dhcp pool dpool1 import all network 10.10.0.0 255.255.255.0 default-router 10.10.10.10 dns-server 192.168.35.2 domain-name cisco.com ip domain name smallbiz.com ip name-server 192.168.11.12 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-03...

  • Page 68: Verify Your Dhcp Configuration

    Address pools Database agents Automatic bindings Manual bindings Expired bindings Malformed messages Secure arp entries Message Received BOOTREQUEST DHCPDISCOVER DHCPREQUEST DHCPDECLINE DHCPRELEASE DHCPINFORM Message Sent BOOTREPLY DHCPOFFER DHCPACK DHCPNAK Router# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-03...

  • Page 69: Configure Vlans

    MTU: 1500 Translational Bridged VLAN: 1002 Translational Bridged VLAN: 1003 VLAN ISL Id: 1002 Name: fddi-default Media Type: FDDI VLAN 802.10 Id: 101002 State: Operational MTU: 1500 Bridge Type: SRB Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-03...
  • Page 70 ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------ enet 100001 1500 1002 1003 1002 fddi 101002 1500 1003 1003 tr 101003 1500 1005 1002 1004 fdnet 101004 1500 1005 trnet 101005 1500 Router# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-03...

  • Page 71: Switch Port Configurations

    Switch Port Configurations Switch Port Configurations The 8 high speed Ethernet ports on the Cisco 1800 (fixed) integrated router supports 8 VLANs per port. To configure and verify VLANs on the switch ports see the the “Configure VLANs” section on page 5-5 and the “Verify Your VLAN Configuration”...

  • Page 72: Vlan Trunking Protocol (Vtp)

    The 802.1x protocol supports authentication and full authentication, authorization, and accounting [AAA] and RADIUS modes with port VLAN ID (PVID) and voice VLAN ID (VVID); and with VLAN assignment with guest VLAN single and multi-host support on the Cisco 1800 (fixed) Configuration Series.

  • Page 73: Layer 2 Interfaces

    Switch Port Configurations Layer 2 Interfaces The integrated switch ports support Layer 2 switching across Ethernet ports based on Cisco IOS Catalyst Software. They support simultaneous, parallel connections between Layer 2 Ethernet segments. Switched connections between Ethernet segments last only for the duration of the packet. Different connections can be made for different segments for the next packet.

  • Page 74: Per-Port Storm Control

    Separate Voice and Data Subnets For ease of network administration and increased scalability, network managers can configure the switch ports to support Cisco IP phones such that the voice and data traffic reside on separate subnets. IGMP Snooping By default, IGMP Snooping is globally enabled on the switch ports. When globally enabled or disabled, it is also enabled or disabled on all VLAN interfaces.

  • Page 75: Chapter 6 Configuring A Vpn Using Easy Vpn And An Ipsec Tunnel

    The example in this chapter illustrates the configuration of a remote access VPN that uses the Cisco Easy VPN and an IPSec tunnel to configure and secure the connection between the remote client and the corporate network.
  • Page 76 Cisco Unity Client protocol. This protocol allows most VPN parameters, such as internal IP addresses, internal subnet masks, DHCP server addresses, WINS server addresses, and split-tunneling flags, to be defined at a VPN server, such as a Cisco VPN 3000 series concentrator that is acting as an IPSec server.

  • Page 77: Configure The Ike Policy

    The example specifies a pre-shared key. Router(config-isakmp)# authentication pre-share Router(config-isakmp)# Step 5 group {1 | 2 | 5} Specifies the Diffie-Hellman group to be used in an IKE policy. Example: Router(config-isakmp)# group 2 Router(config-isakmp)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...

  • Page 78: Configure Group Policy Information

    Router(config-isakmp-group)# dns 10.50.10.1 Internet Naming Service (WINS) servers Router(config-isakmp-group)# for the group by using the wins command. Step 4 domain name Specifies group domain membership. Example: Router(config-isakmp-group)# domain company.com Router(config-isakmp-group)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...

  • Page 79: Apply Mode Configuration To The Crypto Map

    Configures the router to reply to mode [initiate | respond] configuration requests from remote clients. Example: Router(config)# crypto map dynmap client configuration address respond Router(config)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...

  • Page 80: Enable Policy Lookup

    During IKE negotiations, the peers search in multiple transform sets for a transform that is the same at both peers. When such a transform set is found, it is selected and applied to the protected traffic as a part of both peers’ configurations. Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...

  • Page 81: Configure The Ipsec Crypto Method And Parameters

    Router(config)# crypto dynamic-map dynmap 1 Router(config-crypto-map)# Step 2 set transform-set transform-set-name Specifies which transform sets can be used with [transform-set-name2...transform-set-name6] the crypto map entry. Example: Router(config-crypto-map)# set transform-set vpn1 Router(config-crypto-map)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...

  • Page 82: Apply The Crypto Map To The Physical Interface

    Command or Action Purpose Step 1 interface type number Enters the interface configuration mode for the interface to which you want the crypto map applied. Example: Router(config)# interface fastethernet 0 Router(config-if)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...

  • Page 83: Create An Easy Vpn Remote Configuration

    DNS server available for 192.168.100.1 hostname resolution. Router(config-crypto-ezvpn)# Step 4 mode {client | network-extension | network Specifies the VPN mode of operation. extension plus} Example: Router(config-crypto-ezvpn)# mode client Router(config-crypto-ezvpn)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...

  • Page 84: Verifying Your Easy Vpn Configuration

    The following configuration example shows a portion of the configuration file for the VPN and IPSec tunnel described in this chapter. aaa new-model aaa authentication login rtr-remote local aaa authorization network rtr-remote local aaa session-id common username Cisco password 0 Cisco Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 6-10 OL-6426-02...
  • Page 85 2 key secret-password mode client peer 192.168.100.1 interface fastethernet 0 crypto ipsec client ezvpn ezvpnclient outside crypto map static-map interface vlan 1 crypto ipsec client ezvpn ezvpnclient inside Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 6-11 OL-6426-02...
  • Page 86 Chapter 6 Configuring a VPN Using Easy VPN and an IPSec Tunnel Configuration Example Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 6-12 OL-6426-02...

  • Page 87: Chapter 7 Configuring Vpns Using An Ipsec Tunnel And Generic Routing Encapsulation

    C H A P T E R Configuring VPNs Using an IPSec Tunnel and Generic Routing Encapsulation The Cisco 1800 series integrated services fixed-configuration routers support the creation of virtual private networks (VPNs). Cisco routers and other broadband devices provide high-performance connections to the Internet, but many applications also require the security of VPN connections which perform a high level of authentication and which encrypt the data between two particular endpoints.
  • Page 88 VPN configuration information must be configured on both endpoints; for example, on your Cisco router and at the remote user, or on your Cisco router and on another router. You must specify parameters, such as internal IP addresses, internal subnet masks, DHCP server addresses, and Network Address Translation (NAT).

  • Page 89: Configure A Vpn

    (SHA-1). Step 4 authentication {rsa-sig | rsa-encr | pre-share} Specifies the authentication method used in the IKE policy. Example: The example uses a pre-shared key. Router(config-isakmp)# authentication pre-share Router(config-isakmp)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 90 (DNS) server for the group. Example: You may also want to specify Windows Note Router(config-isakmp-group)# dns 10.50.10.1 Internet Naming Service (WINS) servers Router(config-isakmp-group)# for the group by using the wins command. Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 91 Example: You could also use a RADIUS server for this. See Router(config)# aaa authentication login Cisco IOS Security Configuration Guide rtr-remote local Cisco IOS Security Command Reference Router(config)# details. Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 92 Specifies global lifetime values used when {seconds seconds | kilobytes kilobytes} negotiating IPSec security associations. See the Cisco IOS Security Command Reference Example: for details. Router(config)# crypto ipsec security-association lifetime seconds 86400 Router(config)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 93 Router(config-crypto-map)# exit Router(config)# Step 5 crypto map map-name seq-num [ipsec-isakmp] Creates a crypto map profile. [dynamic dynamic-map-name] [discover] [profile profile-name] Example: Router(config)# crypto map static-map 1 ipsec-isakmp dynamic dynmap Router(config)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 94 Creates a tunnel interface and enters interface configuration mode. Example: Router(config)# interface tunnel 1 Router(config-if)# Step 2 ip address ip-address mask Assigns an address to the tunnel. Example: Router(config-if)# 10.62.1.193 255.255.255.252 Router(config-if)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 95 Specifies that only GRE traffic is permitted on the destination destination-wildcard outbound interface. Example: Router(config-acl)# permit gre host 192.168.100.1 host 192.168.101.1 Router(config-acl)# Step 9 exit Returns to global configuration mode. Example: Router(config-acl)# exit Router(config)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 96 1 ipsec-isakmp ! associates all crypto values and peering address for the ipsec tunnel. set peer 200.1.1.1 set transform-set set1 match address 105 interface vlan 1 ! VLAN 1 is the internal home network Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 7-10 OL-6426-02...
  • Page 97 103 deny ip any any ! prevents internet initiated traffic inbound. ! acl 105 matches addresses for the ipsec tunnel to/from the corporate network. access-list 105 permit ip 10.1.1.0 0.0.0.255 192.168.0.0 0.0.255.255 no cdp run Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 7-11 OL-6426-02...
  • Page 98 Chapter 7 Configuring VPNs Using an IPSec Tunnel and Generic Routing Encapsulation Configuration Example Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 7-12 OL-6426-02...
  • Page 99 C H A P T E R Configuring a Simple Firewall The Cisco 1800 integrated services routers support network traffic filtering by means of access lists. The router also supports packet inspection and dynamic temporary access lists by means of Context-Based Access Control (CBAC).
  • Page 100 In the configuration example that follows, the firewall is applied to the outside WAN interface (FE0) on the Cisco 1811 or Cisco 1812 and protects the Fast Ethernet LAN on FE2 by filtering and inspecting all traffic entering the router on the Fast Ethernet WAN interface FE1. Note that in this example, the network traffic originating from the corporate network, network address 10.1.1.0, is considered safe traffic and...
  • Page 101 Router(config)# ip inspect name firewall rtsp Router(config)# ip inspect name firewall h323 Router(config)# ip inspect name firewall netshow Router(config)# ip inspect name firewall ftp Router(config)# ip inspect name firewall sqlnet Router(config)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 102 Assigns the defined ACLs to the outside access-list-name} {in | out} interface on the router. Example: Router(config-if)# ip access-group 103 in Router(config-if)# Step 6 exit Returns to global configuration mode. Example: Router(config-if)# exit Router(config)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 103 103 deny ip any any ! prevents internet initiated traffic inbound. ! acl 105 matches addresses for the ipsec tunnel to/from the corporate network. access-list 105 permit ip 10.1.1.0 0.0.0.255 192.168.0.0 0.0.255.255 no cdp run Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 104 Chapter 8 Configuring a Simple Firewall Configuration Example Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 105 VLAN 1 VLAN 2 In the configuration example that follows, a remote user is accessing the Cisco 1800 series integrated services router using a wireless connection. Each remote user has his own VLAN. Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide...
  • Page 106 Authentication Protocol [PEAP]) can use the access point. This command is not supported on Note bridges. See the Cisco IOS Commands for Access Points and Bridges document for more details. Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 107 (Optional) Specifies the Request to Send (RTS) threshold or the number of times to send a request before determining the wireless LAN is Example: unreachable. Router(config-if)# rts threshold 2312 Router(config-if)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 108 Enters interface configuration mode. We want to set up bridging on the VLANs, so the Example: example enters the VLAN interface Router(config)# interface vlan 1 configuration mode. Router(config)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 109 Example: Router(config)# interface dot11radio 0.1 Router(config-subif)# Step 2 description string Provides a description of the subinterface for the administrative user. Example: Router(config-subif)# description Cisco open Router(config-subif)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 110 1 change 45 encryption vlan 1 mode ciphers tkip ssid cisco vlan 1 authentication open authentication network-eap eap_methods authentication key-management wpa ssid ciscowep vlan 2 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 111 2 bridge-group 2 spanning-disabled interface Vlan3 no ip address bridge-group 3 bridge-group 3 spanning-disabled interface BVI1 ip address 10.0.1.1 255.255.255.0 interface BVI2 ip address 10.0.2.1 255.255.255.0 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 112 Chapter 9 Configuring a Wireless LAN Connection Configuration Example interface BVI3 ip address 10.0.3.1 255.255.255.0 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 113 10.0.1.1 auth-port 1812 acct-port 1813 aaa authentication login eap_methods group rad_eap aaa session-id common ip subnet-zero ip cef vpdn enable vpdn-group 1 request-dialin protocol pppoe interface dialer 1 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 10-1 OL-6426-02...
  • Page 114 FastEthernet0 ip address 192.1.12.2 255.255.255.0 no ip directed-broadcast (default) ip nat outside ip access-group 103 in no cdp enable crypto ipsec client ezvpn ezvpnclient outside crypto map static-map Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 10-2 OL-6426-02...
  • Page 115 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0 rts threshold 2312 power local cck 50 power local ofdm 30 channel 2462 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 10-3 OL-6426-02...
  • Page 116 3 spanning-disabled interface BVI1 ip address 10.0.1.1 255.255.255.0 interface BVI2 ip address 10.0.2.1 255.255.255.0 interface BVI3 ip address 10.0.3.1 255.255.255.0 ip classless ip http server no ip http secure-server Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 10-4 OL-6426-02...
  • Page 117 0 transport preferred all transport output all line vty 0 4 password cisco123 transport preferred all transport input all transport output all Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 10-5 OL-6426-02...
  • Page 118 Chapter 10 Sample Configuration Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 10-6 OL-6426-02...
  • Page 119 A R T Configuring Additional Features and Troubleshooting...

  • Page 121: Additional Configuration Options

    To verify that a specific feature is compatible with your router, you can use the Software Advisor tool. Note You can access this tool at www.cisco.com > Technical Support & Documentation > Tools & Resources with your Cisco username and password.
  • Page 122 Chapter 11 Additional Configuration Options Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 11-2 OL-6426-02...
  • Page 123 C H A P T E R Configuring Security Features This chapter gives an overview of authentication, authorization, and accounting (AAA), the primary Cisco framework for implementing selected security features that can be configured on the Cisco 1800 integrated services fixed-configuration routers. Note Individual router models may not support every feature described throughout this guide.
  • Page 124 {source | source-wildcard | any} Extended ip access-list extended name followed by {permit | deny} protocol {source-addr [source-mask] | any}{destination-addr [destination-mask] | any} Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 12-2 OL-6426-02...

  • Page 125: Guidelines For Creating Access Groups

    For more complete information on creating access lists, see the “Access Control Lists: Overview and Guidelines” section of the Cisco IOS Release 12.3 Security Configuration Guide. Configuring a CBAC Firewall Context-Based Access Control (CBAC) lets you configure a stateful firewall where packets are inspected internally and the state of network connections is monitored.

  • Page 126: Configuring Vpns

    Cisco IOS Firewall IDS identifies 59 of the most common attacks using “signatures” to detect patterns of misuse in network traffic. It acts as an in-line intrusion detection sensor, watching packets and sessions as they flow through the router, scanning each to match any of the IDS signatures.
  • Page 127 WAN downtime. Dial backup is inactive by default, and must be configured to be active. Dial backup and remote management functions are configured through the ISDN S/T port of the Cisco 1812, Cisco 1801, Cisco 1802, and Cisco 1803 routers. These functions are configured through the V.92 modem port of the Cisco 1811 router.

  • Page 128: Configuring Backup Interfaces

    (DLCI) is inactive. Floating static routes are also encapsulation independent. When static routes are configured, the primary interface protocol must go down in order to activate the Note floating static route. Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 13-2 OL-6426-02...
  • Page 129 IP address of the backup interface. Example: Router(config)# ip route 0.0.0.0 0.0.0.0 192.168.2.2 150 Router(config)# Note When dynamic routing is activated, the floating static route depends upon routing protocol convergence times. Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 13-3 OL-6426-02...

  • Page 130: Configuring Dialer Watch

    {ip-address | interface-type Assigns the primary route. 22.0.0.2 is the peer IP interface-number [ip-address]} [distance] address of the primary interface. Example: Router(config)# ip route 0.0.0.0 0.0.0.0 22.0.0.2 Router(config)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 13-4 OL-6426-02...
  • Page 131 The following limitation exists for the dial backup feature: bridging is not supported over console or auxiliary port backup interfaces. Table 13-1 summarizes dial backup support and limitations for the Cisco 1800 series integrated services fixed-configuration routers. Table 13-1 Dial Backup Feature Support and Limitations Summary...
  • Page 132 1 isdn switch-type basic-net3 interface ATM0 backup interface BRI0 no ip address no atm ilmi-keepalive pvc 1/40 encapsulation aal5snap pppoe-client dial-pool-number 2 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 13-6 OL-6426-02...
  • Page 133 BRI0 no ip address encapsulation ppp dialer pool-member 1 isdn switch-type basic-net3 interface ATM0 no ip address no atm ilmi-keepalive pvc 1/40 encapsulation aal5snap pppoe-client dial-pool-number 2 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 13-7 OL-6426-02...
  • Page 134 BRI0 no ip address encapsulation ppp dialer pool-member 1 isdn switch-type basic-net3 interface ATM0 no ip address no atm ilmi-keepalive pvc 1/40 encapsulation aal5snap pppoe-client dial-pool-number 2 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 13-8 OL-6426-02...
  • Page 135 Configuring Dial Backup and Remote Management Through the ISDN S/T Port The Cisco 1812, Cisco 1801, Cisco 1802, and Cisco 1803 routers use the ISDN S/T port for dial backup and remote management. Perform the following tasks to configure dial backup and remote management...
  • Page 136 Enters global configuration mode. Example: Router(config-if)# exit Router(config)# Step 7 interface dialer dialer-rotary-group-number Creates a dialer interface (numbered 0–255) and enters into interface configuration mode. Example: Router(config)# interface dialer 0 Router(config-if)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 13-10 OL-6426-02...
  • Page 137 1. Router(config)# dialer-list 1 protocol ip For details about this command and additional permit parameters that can be set, see the Cisco IOS Dial Router(config)# Technologies Command Reference. Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 13-11 OL-6426-02...
  • Page 138 Configuring Dial Backup and Remote Management Through the ISDN S/T Port Configure the Aggregator and ISDN Peer Router The aggregator is typically a concentrator router where your Cisco router ATM PVC terminates. In the configuration example shown below, the aggregator is configured as a PPPoE server to correspond with the Cisco 876 router configuration example that is given in this chapter.
  • Page 139 Router(config-if)# ip unnumbered FastEthernet 2 Router(config-if)# Step 3 encapsulation encapsulation-type Sets the encapsulation type to PPP for the interface. Example: Router(config-if)# encapsulation ppp Router(config-if)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 13-13 OL-6426-02...
  • Page 140 Example: Router(config-if)# peer default ip address pool pool123 Router(config-if)# Step 9 exit Exits asynchronous interface configuration, and enters global configuration mode. Example: Router(config-if)# exit Router(config)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 13-14 OL-6426-02...
  • Page 141 We recommend all for use with the dial Note Example: backup feature. Router(config-line)# transport input all Router(config-line)# Step 5 exit Exits line configuration mode, and enters global configuration mode. Example: Router(config-line)# exit Router(config)# Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 13-15 OL-6426-02...
  • Page 142 Chapter 13 Configuring Dial Backup and Remote Management Configuring Dial Backup and Remote Management Through a V.92 Modem Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 13-16 OL-6426-02...

  • Page 143: Before Contacting Cisco Or Your Reseller

    Chassis type and serial number Maintenance agreement or warranty information • • Type of software and version number Date you received the hardware • • Brief description of the problem Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 14-1 OL-6426-02...
  • Page 144 • The DSLAM supports discrete multi-tone (DMT) Issue 2. • The ADSL cable that you connect to the Cisco router must be 10BASE-T Category 5, unshielded twisted-pair (UTP) cable. Using regular telephone cable can introduce line errors. SHDSL Troubleshooting Symmetrical high-data-rate digital subscriber line (SHDSL) is available on the Cisco 1803 router model.
  • Page 145 Example 14-2 shows sample command output. Example 14-2 Viewing the Status of Selected Interfaces Router# show interface atm 0 ATM0 is up, line protocol is up Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 14-3 OL-6426-02...
  • Page 146 • The ATM line is down, possibly because the ADSL cable is disconnected or because the wrong type of cable is connected to the ATM port. Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 14-4 OL-6426-02...
  • Page 147 Max. Datagram Size: 4528 PLIM Type: ADSL - 4608Kbps Upstream, DMT, TX clocking: LINE 0 input, 0 output, 0 IN fast, 0 OUT fast Avail bw = 4608 Config. is ACTIVE Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 14-5 OL-6426-02...

  • Page 148: Guidelines For Using Debug Commands

    Description ATM interface Interface number. Always 0 for the Cisco 1800 fixed-configuration routers. AAL enabled Type of AAL enabled. The Cisco 1800 fixed-configuration routers support AAL5. Maximum VCs Maximum number of virtual connections this interface supports. Current VCCs Number of active virtual channel connections (VCCs).
  • Page 149 00:03:09: DSL: SM: [DMTDSL_DO_OPEN -> DMTDSL_SHOWTIME] Example 14-6 Viewing ATM Interface Processor Events—Failure Router# debug atm events Router# 00:02:57: DSL: Send ADSL_OPEN command. 00:02:57: DSL: Using subfunction 0xA 00:02:57: DSL: Using subfunction 0xA Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 14-7 OL-6426-02...
  • Page 150 01:23:48:ABCD ABCD ABCD ABCD ABCD ABCD ABCD ABCD ABCD ABCD ABCD ABCD ABCD ABCD ABCD 01:23:48:ABCD ABCD ABCD ABCD ABCD 01:23:48: Table 14-3 describes some of the fields shown in the debug atm packet command output. Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 14-8 OL-6426-02...
  • Page 151 Several methods are available for upgrading software on the Cisco 1800 series integrated services fixed-configuration routers, including: Copy the new software image to flash memory over the LAN or WAN while the existing Cisco IOS • software image is operating.
  • Page 152 If you are unable to comply with U.S. and local laws, return this product immediately. A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html If you require further assistance please contact us by sending email to [email protected].
  • Page 153 If you are recovering an enable secret password, it is not displayed in the show startup-config command output. Complete the password recovery process by performing the steps in the following “Reset the Password and Save Your Changes” section. Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 14-11 OL-6426-02...
  • Page 154 To return to the configuration being used before you recovered the lost enable password, do not Note save the configuration changes before rebooting the router. Reboot the router, and enter the recovered password. Step 4 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 14-12 OL-6426-02...
  • Page 155 Managing Your Router with SDM Managing Your Router with SDM The Cisco SDM tool is a free software configuration utility, supporting the Cisco 1800 series integrated services fixed-configuration routers. It includes a web-based GUI that offers the following features: Simplified setup •...
  • Page 156 Chapter 14 Troubleshooting Managing Your Router with SDM Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide 14-14 OL-6426-02...
  • Page 157 A R T Reference Information...

  • Page 159: Configuring The Router From A Pc

    A P P E N D I X Cisco IOS Software Basic Skills Understanding how to use Cisco IOS software can save you time when you are configuring your router. If you need a refresher, take a few minutes to read this appendix.

  • Page 160: Understanding Command Modes

    Cisco IOS commands. For example, you can use the interface type number command only from global configuration mode. The following Cisco IOS command modes are hierarchical. When you begin a router session, you are in user EXEC mode. User EXEC •...
  • Page 161 To exit to privileged from global EXEC mode, enter the configuration mode. end command, or press Ctrl-Z. To enter subinterface • configuration mode, specify a subinterface with the interface command. Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...

  • Page 162: Getting Help

    Dialer parameters and statistics exception exception information To redisplay a command you previously entered, press the Up Arrow key. You can continue to press the Up Arrow key for more commands. Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 163 Privileged EXEC mode is indicated by the # in the prompt. You can now make changes to your router configuration. Step 3 Enter the configure terminal command to enter global configuration mode: Router# configure terminal Router(config)# You can now make changes to your router configuration. Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...

  • Page 164: Command-Line Error Messages

    Cisco IOS Software Basic Skills Using Commands Using Commands This section provides some tips about entering Cisco IOS commands at the command-line interface (CLI). Abbreviating Commands You only have to enter enough characters for the router to recognize the command as unique. This...

  • Page 165: Saving Configuration Changes

    Building configuration... router# Summary Now that you have reviewed some Cisco IOS software basics, you can begin to configure your router. Remember: You can use the question mark (?) and arrow keys to help you enter commands. •...
  • Page 166 Appendix A Cisco IOS Software Basic Skills Where to Go Next Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 167 Concepts This appendix contains conceptual information that may be useful to Internet service providers or network administrators when they configure Cisco routers. To review some typical network scenarios, Chapter 2, “Sample Network Deployments.” For information on additional details or configuration topics, see Chapter 11, “Additional Configuration Options.”...
  • Page 168 (RIP), a dynamic distance-vector routing protocol. RIP is described in more detail in the following subsections. Routing Protocol Options Routing protocols include the following: Routing Information Protocol (RIP) • Enhanced Interior Gateway Routing Protocol (Enhanced IGRP) • Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 169 RIP, see the Cisco IOS Release 12.3 documentation set. Enhanced IGRP Enhanced IGRP is an advanced Cisco proprietary distance-vector and link state routing protocol, which means it uses a metric more sophisticated than distance (hop count) for route selection. Enhanced IGRP uses a metric based on a successor, which is a neighboring router that has a least-cost path to a destination that is guaranteed not to be part of a routing loop.
  • Page 170 PAP uses a two-way handshake to verify the passwords between routers. To illustrate how PAP works, imagine a network topology in which a remote office Cisco router is connected to a corporate office Cisco router. After the PPP link is established, the remote office router repeatedly sends a configured username and password until the corporate office router accepts the authentication.

  • Page 171: Network Interfaces

    TACACS+ Cisco 1800 fixed-configuration routers support the Terminal Access Controller Access Control System Plus (TACACS+) protocol through Telnet. TACACS+ is a Cisco proprietary authentication protocol that provides remote access authentication and related network security services, such as event logging. User passwords are administered in a central database rather than in individual routers.
  • Page 172 Dial Backup Dial backup provides protection against WAN downtime by allowing a user to configure a backup modem line connection. The following can be used to bring up the dial backup feature in Cisco IOS software: Backup Interface •...
  • Page 173 The translation function is compatible with standard routing; the feature is required only on the router connecting the inside network to the outside domain. Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 174 WAN interface IP address from a central server and to enable all remote hosts to access the Internet using this single registered IP address. Because Easy IP (Phase 1) uses existing port-level multiplexed NAT functionality within Cisco IOS software, IP addresses on the remote LAN are invisible to the Internet.

  • Page 175: Ppp Fragmentation And Interleaving

    Interleaving provides the delay bounds for delay-sensitive voice packets on a slow link that is used for other best-effort traffic. Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 176 PPP to define how data is managed; RSVP or IP Precedence is used to give priority to voice packets. There are two levels of queueing; ATM queues and Cisco IOS queues. CBWFQ is applied to Cisco IOS queues. A first-in-first-out (FIFO) Cisco IOS queue is automatically created when a PVC is created. If you use CBWFQ to create classes and attach them to a PVC, a queue is created for each class.

  • Page 177: Access Lists

    ACK or RST bits are set. (Set ACK or RST bits indicate that the packet is not the first in the session and the packet therefore belongs to an established session.) This filter criterion would be part of an access list applied permanently to an interface. Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide B-11 OL-6426-02...
  • Page 178 Appendix B Concepts Access Lists Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide B-12 OL-6426-02...
  • Page 179 You can use the ROM monitor to perform certain configuration tasks, such as recovering a lost password or downloading software over the console port. If there is no Cisco IOS software image loaded on the router, the ROM monitor runs the router.
  • Page 180 Reboots the router with the new configuration register value. The router remains in ROM monitor and does not boot the Cisco IOS software. As long as the configuration value is 0x0, you must manually boot the operating system from the console. See the boot command in the “Command...

  • Page 181: Tftp Download Command Variables

    Cisco IOS software, you can load new software while in ROM monitor mode. This section describes how to load a Cisco IOS software image from a remote TFTP server to the router flash memory. Use the tftpdnld command only for disaster recovery, because it erases all existing data in flash memory before downloading a new software image to the router.
  • Page 182 2—Detailed progress is displayed during the file download process; for example: Initializing interface. • Interface link state up. • ARPing for 1.4.0.1 • ARP reply for 1.4.0.1 received. MAC • address 00:00:0c:07:ac:01 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 183 The router begins to download the new file. If you mistakenly entered yes, you can enter Ctrl-C or Break to stop the transfer before the flash memory is erased. Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 184 The virtual configuration register is in nonvolatile RAM (NVRAM) and has the same functionality as other Cisco routers. You can view or modify the virtual configuration register from either the ROM monitor or the operating system software. Within the ROM monitor, you can change the configuration register by entering the register value in hexadecimal format, or by allowing the ROM monitor to prompt you for the setting of each bit.
  • Page 185 CompactFlash memory module or to main memory for execution (image files only). Use console download when you do not have access to a TFTP server. If you are using a PC to download a Cisco IOS image over the router console port at 115,200 bps, ensure Note that the PC serial port is using a 16550 universal asynchronous transmitter/receiver (UART).
  • Page 186 Debug Commands Most ROM monitor debugging commands are functional only when Cisco IOS software has crashed or is halted. If you enter a debugging command and Cisco IOS crash information is not available, you see the following error message: "xxx: kernel context state is invalid, can not proceed."...
  • Page 187 NVRAM size: 192 KB Exiting the ROM Monitor You must set the configuration register to a value from 0x2 to 0xF for the router to boot a Cisco IOS image from flash memory upon startup or reloading. The following example shows how to reset the configuration register and cause the router to boot a Cisco IOS image stored in flash memory: rommon 1 >...
  • Page 188 Appendix C ROM Monitor Exiting the ROM Monitor Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide C-10 OL-6426-02...
  • Page 189 NICNAME Who is LOGIN Login Host Protocol DOMAIN Domain name server BOOTPS Bootstrap Protocol Server BOOTPC Bootstrap Protocol Client TFTP Trivial File Transfer Protocol – Any private dial-out service Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 190 UNIX remote execution (control) TCP—rlogin TCP—UNIX remote login UDP—rwho UDP—UNIX broadcast name service TCP—rsh TCP—UNIX remote shell UDP—syslog UDP—system log Printer UNIX line printer remote spooling Routing Information Protocol Timed Time server Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02...
  • Page 191 See ARP ADSL configuring ordering overview backup interfaces troubleshooting for dial backup activation aggregator b command configuring b flash command boot commands Asymmetric Digital Line Subscriber Line bridging Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide IN-1 OL-6426-02...
  • Page 192 6, 9 ROM monitor debugging firewall undoing global parameters command variables GRE tunnel listing group policy TFTP download IKE policy committed access rate inspection rules for firewalls See CAR Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide IN-2 OL-6426-02...
  • Page 193 15 to 16 IP address assignment overview 2, 3 DHCP and Easy IP (Phase 2) enable password DHCP server recovering configuration example setting configuring as enable secret password Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide IN-3 OL-6426-02...
  • Page 194 IGMP snooping configuring IKE policy description configuring flowcontrol command inspection rules fragmentation, PPP applying to interfaces frame command configuring interface configuration mode Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide IN-4 OL-6426-02...
  • Page 195 See also Easy IP (Phase 1) network address translation See NAT LAN with DHCP and VLANs network configuration, preparing for configuring Network Control Protocols Layer 2 interfaces See NCP Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide IN-5 OL-6426-02...
  • Page 196 1 to 2 remote access VPN authentication protocols with Easy VPN and IPSec tunnel 3 to 4 fragmentation remote management Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide IN-6 OL-6426-02...
  • Page 197 5, 6 show controllers dsl command show dsl interface atm command port numbers, currently assigned 1 to 2 show interface command undoing commands site-to-site VPN Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide IN-7 OL-6426-02...
  • Page 198 VLAN trunking protocol (VTP) VPDN VPNs configuration example configuration tasks 2, 3 configuring 1, 4 WAN interfaces configuring 7, 3, 5 wireless LAN configuration example configuration tasks Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide IN-8 OL-6426-02...

This manual is also suitable for:

Cisco1841 - 1841 integrated services router18011802180318111812 ... Show all

Table of Contents