Sie sind auf Seite 1von 296
Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration
Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive

San Jose, CA 95134-1706 USA http://www.cisco.com

Tel:

408 526-4000

Fax:

800 553-NETS (6387) 408 527-0883

Text Part Number: OL-18906-02

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.

THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.

The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.

NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.

IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good, Flip Mino, Flip Video, Flip Video (Design), Flipshare (Design), Flip Ultra, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn, Cisco Store, and Flip Gift Card are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.

All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0907R)

Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide © 2008 -2009 Cisco Systems, Inc. All rights reserved.

CONTENTS OL-18906-02 i Preface xiii Objective xiii Audience xiii Organization xiv Conventions xv Related Documentation

CONTENTS

OL-18906-02 i

Preface

xiii

Objective xiii

Audience xiii

Organization xiv

Conventions xv

Related Documentation

Searching Cisco Documents

Obtaining Documentation and Submitting a Service Request

xvi

xvii

xvii

Overview/Getting Started

CHAPTER

1

Product Overview

1-1

 

General Description

1-1

Cisco 860 Series ISRs

1-1

4-port 10/100 FE LAN Switch

1-1

Security Features

1-2

802.11n Wireless LAN Option

1-2

Cisco 880 Series ISRs

1-2

Models of the Cisco 880 Series ISRs

1-2

Common Features

1-3

Voice Features

 

1-4

Cisco 890 Series ISRs

1-4

8-port 10/100 FE LAN Switch 802.11n Wireless LAN Option

1-4

1-5

Real-Time Clock

1-5

Security Features

1-5

Licensing

1-5

Selecting Feature Sets

1-5

CHAPTER

2

Wireless Device Overview

2-1

 

Software Modes

2-1

Management Options

2-2

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide iii OL-18906-02

iii

OL-18906-02

Contents

Network Configuration Examples

2-3

Root Access Point

Central Unit in an All-Wireless Network

2-3

2-4

3 Basic Router Configuration 3-1 CHAPTER Interface Ports 3-2 Default Configuration 3-2 Information Needed for
3
Basic Router Configuration
3-1
CHAPTER
Interface Ports
3-2
Default Configuration
3-2
Information Needed for Configuration
3-4
Configuring Command-Line Access
3-5
Configuring Global Parameters
3-7
Configuring WAN Interfaces
3-7
Configuring a Fast Ethernet WAN Interface
Configuring a Gigabit Ethernet WAN Interface
3-8
3-9
Configuring a V.92 Modem Interface
Configuring a VDSL2 WAN Interface
Configuring a G.SHDSL WAN Interface
3-9
3-11
3-12
Configuring the Cellular Wireless WAN Interface
3-14
Configuring the Fast Ethernet LAN Interfaces
3-26
Configuring the Wireless LAN Interface
3-26
Configuring a Loopback Interface
3-26
Configuring Static Routes
3-27
Example
3-28
Verifying Configuration
3-28
Configuring Dynamic Routes
3-29
Configuring Routing Information Protocol
3-29
Configuring Enhanced Interior Gateway Routing Protocol
3-31
Configuring the Router
4
Configuring Backup Data Lines and Remote Management
4-1
CHAPTER

Configuring Backup Interfaces

Configuring Cellular Dial-on-Demand Routing Backup Configuring DDR Backup Using Dialer Watch

4-1

4-3

4-3

Configuring DDR Backup Using Floating Static Route

Cellular Wireless Modem as Backup with NAT and IPsec Configuration

4-5

4-6

Configuring Dial Backup and Remote Management Through the Console or Auxiliary Port

Example

4-12

Configuring Data Line Backup and Remote Management Through the ISDN S/T Port

4-15

4-9

iv

and Remote Management Through the ISDN S/T Port 4-15 4-9 iv Cisco 860 Series, Cisco 880

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

OL-18906-02

Contents

Configuring ISDN Settings

Configuring Aggregator and ISDN Peer Router

4-16

4-19

CHAPTER

5

Configuring Security Features

5-1

 

Authentication, Authorization, and Accounting

5-1

Configuring AutoSecure

5-2

Configuring Access Lists

5-2

Access Groups

 

5-3

Configuring Cisco IOS Firewall

5-3

Configuring Cisco IOS IPS

5-4

URL Filtering

5-4

Configuring VPN

5-4

Configure a VPN over an IPSec Tunnel

5-7

Create a Cisco Easy VPN Remote Configuration

5-13

Configure a Site-to-Site GRE Tunnel

5-16

CHAPTER

6

Configuring the Ethernet Switches

6-1

Switch Port Numbering and Naming

6-1

Restrictions for the FE Switch

6-1

Information About Ethernet Switches

6-2

VLANs and VLAN Trunk Protocol

6-2

Inline Power

6-2

Layer 2 Ethernet Switching

6-2

 

802.1x Authentication

6-3

Spanning Tree Protocol

6-3

Cisco Discovery Protocol

6-3

Switched Port Analyzer

6-3

IGMP Snooping

6-3

Storm Control

6-4

Fallback Bridging

6-4

 

How to Configure Ethernet Switches

6-4

Configuring VLANs

6-4

 

Configuring Layer 2 Interfaces Configuring 802.1x Authentication

6-6

6-6

Configuring Spanning Tree Protocol Configuring MAC Table Manipulation Configuring Cisco Discovery Protocol Configuring the Switched Port Analyzer

Protocol Configuring MAC Table Manipulation Configuring Cisco Discovery Protocol Configuring the Switched Port Analyzer
Protocol Configuring MAC Table Manipulation Configuring Cisco Discovery Protocol Configuring the Switched Port Analyzer
Protocol Configuring MAC Table Manipulation Configuring Cisco Discovery Protocol Configuring the Switched Port Analyzer

6-6

6-7

6-7

6-7

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide v

v

OL-18906-02

Contents

Configuring Power Management on the Interface

6-8

 

Configuring IP Multicast Layer 3 Switching

6-8

Configuring IGMP Snooping

6-8

 

Configuring Per-Port Storm Control

6-9

 

Configuring Fallback Bridging

6-9

Configuring Separate Voice and Data Subnets

6-9

Managing the Switch

6-10

CHAPTER

7

Configuring Voice Functionality

7-1

 
 

Voice Ports

7-1

Analog and Digital Voice Port Assignments

7-1

Voice Port Configuration

7-2

Call Control Protocols

7-2

Session Initiation Protocol (SIP)

7-2

Media Gateway Control Protocol (MGCP)

7-2

H.323 7-3

 

Dial Peer Configuration

7-3

 

Other Voice Features

7-3

Real-Time Transport Protocols Dual Tone Multi Frequency Relay

7-3

7-4

CODECs 7-4 SCCP-Controlled Analog Ports with Supplementary Features

7-4

Fax Services

7-5

Fax Pass-Through

7-5

Cisco Fax Relay

7-5

T.37 Store-and-Forward Fax

7-5

 

T.38 Fax Relay

7-5

Unified Survival Remote Site Telephony

7-5

 

Verification of Voice Configuration

7-6

Configuring and Administering the Wireless Device

 

CHAPTER

8

Basic Wireless Device Configuration

8-1

Starting a Wireless Configuration Session

Configuring Wireless Settings

8-4

Cisco Express Setup

Cisco IOS Command Line Interface

8-4

8-5

8-2

Configuring the Access Point in Hot Standby Mode

8-9

vi

8-2 Configuring the Access Point in Hot Standby Mode 8-9 vi Cisco 860 Series, Cisco 880

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

OL-18906-02

Contents

Upgrading to Cisco Unified Software

8-9

Preparing for the Upgrade Performing the Upgrade

Preparing for the Upgrade Performing the Upgrade

8-9

8-10

Downgrading the Software on the Access Point

Recovering Software on the Access Point

8-12

Related Documentation

8-12

8-11

CHAPTER

9

Configuring Radio Settings

9-1

 

Enabling the Radio Interface

9-2

 

Configuring the Role in the Radio Network

9-2

Radio Tracking

9-4

Fast Ethernet Tracking MAC-Address Tracking

9-4

9-4

Configuring Radio Data Rates

9-4

 

Configuring MCS Rates

9-7

Configuring Radio Transmit Power

9-8

Limiting the Power Level for Associated Client Devices

9-9

 

Configuring Radio Channel Settings

9-10

802.11n Channel Widths

9-11

Enabling and Disabling World Mode

9-11

Disabling and Enabling Short Radio Preambles

9-12

 

Configuring Transmit and Receive Antennas

9-13

Disabling and Enabling Aironet Extensions

9-14

Configuring the Ethernet Encapsulation Transformation Method

9-15

Enabling and Disabling Public Secure Packet Forwarding

9-15

Configuring Protected Ports

9-16

 

Configuring the Beacon Period and the DTIM

9-17

Configure RTS Threshold and Retries

9-17

Configuring the Maximum Data Retries

9-18

 

Configuring the Fragmentation Threshold

9-18

Enabling Short Slot Time for 802.11g Radios

9-19

Performing a Carrier Busy Test

9-19

 

Configuring VoIP Packet Handling

9-19

CHAPTER

10

Administering the Wireless Device

10-1

Disabling the Mode Button Function

Preventing Unauthorized Accessto Your Access Point

10-2

10-3

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide vii OL-18906-02

vii

OL-18906-02

Contents

Protecting Access to Privileged EXEC Commands

10-3

Configuring Default Password and Privilege Level

Setting or Changing a Static Enable Password

Protecting Enable and Enable Secret Passwords with Encryption

10-3

10-4

10-5

Configuring Username and Password Pairs

10-6

Configuring Multiple Privilege Levels

10-7

ControllingAccess Point Access with RADIUS

10-9

Default RADIUS Configuration

10-9

Configuring RADIUS Login Authentication

10-9

Defining AAA Server Groups

Configuring RADIUS Authorization for User Privileged Access and

Network Services

Displaying the RADIUS Configuration

10-11

10-13

10-14

ControllingAccess Point Access with TACACS+

10-14

Default TACACS+ Configuration

10-14

Configuring TACACS+ Login Authentication

10-15

Configuring TACACS+ Authorization for Privileged EXEC Access and Network Services

Displaying the TACACS+ Configuration

10-17

Administering the Wireless Hardware and Software

10-17

10-16

Resetting the Wireless Device to the Factory Default Configuration

10-17

10-17

 

Rebooting the Wireless Device Monitoring the Wireless Device

10-18

 

Managing the System Time and Date

10-18

Understanding Simple Network Time Protocol

10-19

Configuring SNTP

10-19

Configuring Time and Date Manually

10-19

Configuring a System Name and Prompt

10-24

Default System Name and Prompt Configuration

10-24

Configuring a System Name

10-24

 

Understanding DNS

10-25

Creating a Banner

10-27

Default Banner Configuration

10-27

 

Configuring a Message-of-the-Day Login Banner

10-27

Configuring a Login Banner

10-29

 

Configuring Ethernet Speed and Duplex Settings

10-29

 

Configuring the Access Point for Wireless Network Management

10-30

 

Configuringthe Access Point for Local Authentication and Authorization

10-30

Configuring the Authentication Cache and Profile

Configuringthe Access Point to Provide DHCP Service

10-31

10-34

viii

Access Point to Provide DHCP Service 10-31 10-34 viii Cisco 860 Series, Cisco 880 Series, and

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

OL-18906-02

Contents

Setting up the DHCP Server

Monitoring and Maintaining the DHCP Server Access Point

10-34

Configuring the Access Point for Secure Shell

Understanding SSH

10-37

Configuring SSH

10-37

Configuring Client ARP Caching

10-38

Understanding Client ARP Caching

Configuring ARP Caching

10-38

10-38

10-37

10-36

Configuring Multiple VLAN and Rate Limiting for Point-to-Multipoint Bridging

10-39

Configuring Your Router for Ethernet and DSL Access

CHAPTER

11

Configuring PPP over Ethernet with NAT

11-1

 
 

Configure the Virtual Private Dialup Network Group Number

11-2

Configure the Fast Ethernet WAN Interfaces

11-3

 

Configure the Dialer Interface

11-4

Configure Network Address Translation

11-6

 

Configuration Example

11-8

Verifying Your Configuration

11-9

 

CHAPTER

12

Configuring PPP over ATM with NAT

12-1

 

Configure the Dialer Interface

12-3

Configure the ATM WAN Interface

12-5

 

Configure DSL Signaling Protocol

12-6

Configuring ADSL

12-6

Configure Network Address Translation

12-9

 

Configuration Example

12-11

Verifying Your Configuration

12-11

 

CHAPTER

13

Configuring a LAN with DHCP and VLANs

13-1

 

Configure DHCP

13-2

Configuration Example

13-4

Verify Your DHCP Configuration

13-4

Configure VLANs

13-5

Assign a Switch Port to a VLAN

13-6

Verify Your VLAN Configuration

13-6

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide ix

ix

OL-18906-02

Contents

CHAPTER

14

Configuring a VPN Using Easy VPN and an IPSec Tunnel

14-1

 

Configure the IKE Policy

14-4

 

Configure Group Policy Information

14-5

 

Apply Mode Configuration to the Crypto Map

14-6

 

Enable Policy Lookup

14-6

 

Configure IPSec Transforms and Protocols

14-7

Configure the IPSec Crypto Method and Parameters

14-8

Apply the Crypto Map to the Physical Interface

14-9

Create an Easy VPN Remote Configuration

14-10

Verifying Your Easy VPN Configuration

14-11

 

Configuration Example

14-11

 

Additional Information

 

CHAPTER

15

Deployment Scenarios

15-1

 

About the Deployment Scenarios

15-1

 

Enterprise Small Branch

15-3

 

Internet Service and IPSec VPN with 3G

15-4

SMB Applications

15-5

Enterprise Wireless Deployments with LWAPP

15-6

 

CHAPTER

16

Troubleshooting

16-1

 

Getting Started

16-1

Before Contacting Cisco or Your Reseller

ADSL Troubleshooting

16-2

16-1

SHDSL Troubleshooting

16-2

VDSL2 Troubleshooting

16-2

show interfaces Troubleshooting Command

16-3

ATM Troubleshooting Commands

16-5

ping atm interface Command

16-5

show atm interface Command

16-6

debug atm Commands

16-7

Software Upgrade Methods

16-10

Recovering a Lost Password

16-10

Change the Configuration Register

Reset the Password and Save Your Changes

16-11

16-13

x

Reset the Password and Save Your Changes 16-11 16-13 x Cisco 860 Series, Cisco 880 Series,

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

OL-18906-02

Contents

Reset the Configuration Register Value

Managing Your Router with SDM

16-14

16-13

Reference Information (Appendixes)

APPENDIX

A

Cisco IOS Software Basic Skills

A-1

 

Configuring the Router from a PC

A-1

Understanding Command Modes

A-2

Getting Help

A-4

Enable Secret Passwords and Enable Passwords

A-5

Entering Global Configuration Mode

A-5

 

Using Commands

A-6

Abbreviating Commands Undoing Commands

A-6

A-6

Command-Line Error Messages

A-6

 

Saving Configuration Changes

A-7

Summary A-7

 

Where to Go Next

A-7

APPENDIX

B

Concepts

B-1

 

ADSL

B-1

SHDSL

B-2

Network Protocols

B-2

IP

B-2

Routing Protocol Options

RIP

Enhanced IGRP

B-3

B-3

B-2

PPP Authentication Protocols

PAP

CHAP

B-4

B-4

TACACS+ B-5

Network Interfaces Ethernet B-5 ATM for DSL Dialer Interface

Dial Backup

B-6

B-5

B-5

B-6

Backup Interface

B-6

B-4

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide xi

xi

OL-18906-02

Contents

Floating Static Routes

B-7

 

Dialer Watch

B-7

NAT B-7

Easy IP (Phase 1)

B-8

Easy IP (Phase 2)

B-8

QoS

B-9

IP Precedence

PPP Fragmentation and Interleaving CBWFQ B-10

B-9

B-9

 

RSVP B-10 Low Latency Queuing

B-10

Access Lists

B-11

APPENDIX

C

ROM Monitor

C-1

 

Entering the ROM Monitor

C-1

 

ROM Monitor Commands

C-2

Command Descriptions

C-3

Disaster Recovery with TFTP Download TFTP Download Command Variables Using the TFTP Download Command

C-3

C-4

C-5

 

Configuration Register

C-6

Changing the Configuration Register Manually

C-6

 

Changing the Configuration Register Using Prompts

C-6

Console Download

C-7

Command Description

C-8

Error Reporting

C-8

Debug Commands

C-8

Exiting the ROM Monitor

C-10

APPENDIX

D

Common Port Assignments

D-1

xii

C-10 APPENDIX D Common Port Assignments D-1 xii Cisco 860 Series, Cisco 880 Series, and Cisco

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

OL-18906-02

Preface This preface describes the objectives, audience, organization, and conventions of this guide, and describes

Preface

This preface describes the objectives, audience, organization, and conventions of this guide, and describes related documents that have additional information. It contains the following sections:

Objective, page xiii

Audience, page xiii

Organization, page xiv

Conventions, page xv

Related Documentation, page xvi

Searching Cisco Documents, page xvii

Obtaining Documentation and Submitting a Service Request, page xvii

Objective

 

This guide provides an overview and explains how to configure the various features for the Cisco 860, Cisco 880, and Cisco 890 series Integrated Services Routers (ISRs). Some information may not apply to your particular router model.

For warranty, service, and support information, see the “Cisco One-Year Limited Hardware Warranty Terms” section in the Readme First for the Cisco 800 Series Integrated Services Routers that was shipped with your router.

Audience

This guide is intended for Cisco equipment providers who are technically knowledgeable and familiar with Cisco routers and Cisco IOS software and features.

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide xiii OL-18906-02

xiii

OL-18906-02

Preface

Organization

This guide is organized into the following parts, chapters, and appendixes.

Overview/Getting Started

Product Overview

Provides a brief description of the router models and the available software features.

Wireless Device Overview

Provides an introduction to the wireless device on the router and its use in network configurations.

Basic Router Configuration

Provides procedures for configuring the basic parameters of the router.

Configuring the Router

Configuring Backup Data Lines and Remote Management

Provides procedures for configuring remote management functions and a backup data line connection.

Configuring Security Features

Provides procedures for implementing the security features that can be configured on the router.

Configuring the Ethernet Switches

Provides an overview of the configuration tasks for the 4-port Fast Ethernet switch on the router.

Configuring Voice Functionality

Provides references to the procedures for voice configuration.

Configuring and Administering the Wireless Device

Basic Wireless Device Configuration

Provides procedures for initial configuration of the wireless device.

Configuring Radio Settings

Describes how to configure radio settings for the wireless device.

Administering the Wireless Device

Describes the various aspects of the administration of the wireless device.

Configuring Your Router for Ethernet and DSL Access

Configuring PPP over Ethernet with NAT

Provides an overview of Point-to-Point Protocol over Ethernet (PPPoE) clients and network address translation (NAT)s that can be configured on the Cisco 860 and Cisco 880 series Integrated Services Routers (ISRs).

Configuring PPP over ATM with NAT

Provides an overview of Point-to-Point Protocol over Asynchronous Transfer Mode (PPPoA) clients and network address translation (NAT) that can be configured on the Cisco 860 and Cisco 880 series Integrated Services Routers (ISRs).

Configuring a LAN with DHCP and VLANs

Describes how the routers can use the Dynamic Host Configuration Protocol (DHCP) to enable automatic assignment of IP configurations for nodes on these networks.

xiv

of IP configurations for nodes on these networks. xiv Cisco 860 Series, Cisco 880 Series, and

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

OL-18906-02

Preface

Configuring a VPN Using Easy VPN and an IPSec Tunnel

Provides an overview of the creation of Virtual Private Networks (VPNs) that can be configured on the Cisco 860 and Cisco 880 series Integrated Services Routers (ISRs).

Additional Information

Deployment Scenarios

Shows some typical deployment scenarios for the Cisco 860, Cisco 880, and Cisco 890 series ISRs.

Troubleshooting

Provides information to help isolate problems you might encounter.

Reference Information (Appendixes)

Appendix A, “Cisco IOS Software Basic Skills”

Provides information for how to use Cisco IOS software to configure your router.

Appendix B, “Concepts”

Provides conceptual information that may be useful to Internet service providers or network administrators when they configure Cisco routers.

Appendix C, “ROM Monitor”

Provides information on how to use Cisco’s ROM Monitor firmware.

Appendix D, “Common Port Assignments”

Lists currently assigned transmission control protocol (TCP) port numbers.

Conventions

These documents use the conventions listed in Table 1 to convey instructions and information.

Table 1

Command Conventions

Convention

Description

boldface font

Commands and keywords.

italic font

Variables for which you supply values.

[ ]

Optional keywords or arguments appear in square brackets.

{x | y | z}

A choice of required keywords appears in braces separated by vertical bars. You must select one.

screen font

Examples of information displayed on the screen.

boldface screen

Examples of information you must enter.

font

 

<

>

Nonprinting characters, for example, passwords, appear in angle brackets in contexts where italics are not available.

[

]

Default responses to system prompts appear in square brackets.

responses to system prompts appear in square brackets. Note Means reader take note . Notes contain

Note

Means reader take note. Notes contain helpful suggestions or references to additional information and material.

Preface

Preface Caution This symbol means reader be careful . In this situation, you might do something

Caution

This symbol means reader be careful. In this situation, you might do something that could result in equipment damage or loss of data.

that could result in equipment damage or loss of data. Timesaver Means the described action saves

Timesaver

Means the described action saves time. You can save time by performing the action described in the paragraph.

time by performing the action described in the paragraph. Tip Means the following information will help

Tip

Means the following information will help you solve a problem. The tips information might not be troubleshooting or even an action, but could be useful information, similar to a Timesaver.

Related Documentation

In addition to the Cisco 860, Cisco 880, and Cisco 890 Series ISR Software Configuration Guide (this document), the Cisco 860, Cisco 880, and Cisco 890 series ISR documentation set includes the following documents:

Readme First for the Cisco 800 Series Integrated Services Routers.

Declarations of Conformity and Regulatory Information for Cisco Access Products with 802.11n Radios

Cisco IOS Release Notes for Cisco IOS Release 12.4(15)XZ

You might also need to refer to the following documents:

Cisco System Manager Quick Start Guide

Cisco IOS Release 12.4 Quality of Service Solutions Configuration Guide

Cisco IOS Security Configuration Guide, Release 12.4

Cisco IOS Security Configuration Guide, Release 12.4T

Cisco IOS Security Command Reference, Release 12.4

Cisco IOS Security Command Reference, Release 12.4T

Cisco IOS Command Reference for Cisco Aironet Access Points and Bridges, versions 12.4(10b) JA and 12.3(8) JEC

Cisco Aironet 1240AG Access Point Support Documentation

Cisco 4400 Series Wireless LAN Controllers Support Documentation

LWAPP Wireless LAN Controllers

LWAPP Wireless LAN Access Points

Cisco IOS Release 12.4 Voice Port Configuration Guide

SCCP Controlled Analog (FXS) Ports with Supplementary Features in Cisco IOS Gateways

xvi

Ports with Supplementary Features in Cisco IOS Gateways xvi Cisco 860 Series, Cisco 880 Series, and

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

OL-18906-02

Preface

Cisco Software Activation Conceptual Overview

Cisco Software Activation Tasks and Commands

Searching Cisco Documents

To search a Hyper Text Markup Language (HTML) document using a web browser, use the Ctrl+F (Windows) or Cmd+F (Apple) sequences. In most browsers the option to search whole words only, invoke case sensitivity, or search forward and backward are also available.

To search a PDF document in Adobe Reader, use the basic Find toolbar (Ctrl+F) or the Full Reader Search window (Shift+Ctrl+F). Use the Find toolbar to find words or phrases within one specific document. Use the Full Reader Search window to search multiple PDF files simultaneously as well as change case sensitivity, and other options. Adobe Reader comes with online help with more information regarding searching PDF documents.

Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

Subscribe to the What’s New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide xvii OL-18906-02

xvii

OL-18906-02

Preface

xviii

Preface xviii Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

OL-18906-02

P ART 1 Overview/Getting Started
P ART 1 Overview/Getting Started

P ART

1

Overview/Getting Started

CHAPTER 1 Product Overview This chapter provides an overview of the features available for the

CHAPTER

1

Product Overview

This chapter provides an overview of the features available for the Cisco 860, Cisco 880, and Cisco 890 series Integrated Services Routers (ISRs), and contains the following sections:

General Description, page 1-1

Cisco 860 Series ISRs, page 1-1

Cisco 880 Series ISRs, page 1-2

Cisco 890 Series ISRs, page 1-4

Licensing, page 1-5

General Description

The Cisco 860, Cisco 880, and Cisco 890 series ISRs provide Internet, VPN, voice, data, and backup capability to corporate teleworkers and remote and small offices of fewer than 20 users. These routers are capable of bridging and multiprotocol routing between LAN and WAN ports, and provide advanced features such as antivirus protection. In addition, the Cisco 860W, Cisco 880W, and Cisco 890W series ISRs incorporate an 802.11n wireless LAN option that allows the ISR to act as a wireless access point.

Cisco 860 Series ISRs

The Cisco 860 series ISRs are fixed-configuration data routers that provide either a 10/100 Fast Ethernet (FE) or an ADSL2 over POTs WAN connection. The following features are supported on all models:

4-port 10/100 FE LAN Switch, page 1-1

Security Features, page 1-2

802.11n Wireless LAN Option, page 1-2

4-port 10/100 FE LAN Switch

This switch provides four ports for connecting to 10/100BASE-T (10/100 Mbps) Fast Ethernet (FE) LANs or access points.

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide 1-1 OL-18906-02

1-1

OL-18906-02

Cisco 880 Series ISRs

Chapter 1

Product Overview

Security Features

The Cisco 860 platforms provide the following security features:

IPsec

Firewall

802.11n Wireless LAN Option

The Cisco 861W ISR has an integrated 802.11b/g/n single radio module for wireless LAN connectivity. With this module, the router can then act as an access point in the local infrastructure.

Cisco 880 Series ISRs

The Cisco 880 series ISRs are a family of fixed-configuration data and voice routers as described in the following sections:

Models of the Cisco 880 Series ISRs, page 1-2

Common Features, page 1-3

Voice Features, page 1-4

Models of the Cisco 880 Series ISRs

The Cisco 880 series ISRs have data and voice capabilities. Each router has one WAN port. In addition, the voice routers have either FXS or BRI voice ports. Data or voice backup ports are also available on most of the routers. The Cisco 880G routers come with a commercial third-generation (3G) wireless interface card that provides cellular backup. 802.11b/g/n option is available on all models.

Table 1-1 gives the port configurations of the Cisco 880 series data routers.

Table 1-1

Port Configurations of the Cisco 880 Series Data ISRs

   

Backup

Data

Data

Model

WAN Port

ISDN

3G

881

and 881W

FE

881G and 881GW

FE

x

886

and 886W

ADSL2oPOTS

x

886G and 886GW

ADSL2oPOTS

x

887

and 887W

ADSL2oPOTS

x

887G and 887GW

ADSL2oPOTS

x

887V and 887VW

VDSL2oPOTS

x

887VG and 887VGW

VDSL2oPOTS

x

888

and 888W

G.SHDSL

x

888G and 888GW

G.SHDSL

x

1-2

x — 888G and 888GW G.SHDSL — x 1-2 Cisco 860 Series, Cisco 880 Series, and

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

OL-18906-02

Chapter 1

Product Overview

Cisco 880 Series ISRs

Table 1-2 gives the port configurations of the Cisco 880 series voice routers.

Table 1-2

Port Configurations of the Cisco 880 Series Voice ISRs

     

Backup

FXS Voice

PSTN

PSTN

Model

WAN Port

Ports

FXO

BRI

C881SRST and C881SRSTW

FE

4

x

C888SRST and C888SRSTW

G.SHDSL

4

x

Common Features

Cisco 880 series ISRs support the following features:

4-port 10/100 FE LAN Switch, page 1-3

802.11n Wireless LAN Option, page 1-3

Real-Time Clock, page 1-3

Security Features, page 1-3

4-port 10/100 FE LAN Switch

This switch provides four ports for connecting to 10/100BASE-T FE LANs, access points, or IP phones. In addition, an upgrade is available that gives Power over Ethernet (PoE) on two of the ports to provide power to access points or phones.

802.11n Wireless LAN Option

The Cisco 880W series ISRs have an integrated 802.11b/g/n single radio module for wireless LAN connectivity. With this module, the router can act as an access point in the local infrastructure.

Real-Time Clock

A real-time clock (RTC) provides date and time when the system is powered on. The RTC is used to verify the validity of the Certification Authority stored on the router.

Security Features

The Cisco 880 platforms provide the following security features:

Intrusion Prevention System (IPS)

Dynamic Multipoint VPN (DMVPN)

IPsec

Quality of service (QoS)

Firewall

URL filtering

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide 1-3 OL-18906-02

1-3

OL-18906-02

Cisco 890 Series ISRs

Chapter 1

Product Overview

Voice Features

The Cisco 880 voice platforms (C880SRST and C880SRSTW) support the following voice features:

Signaling protocols: Session Initiation Protocol (SIP), Media Gateway Control Protocol (MGCP), and H323

Real-time transfer protocol (RTP), Cisco RTP (cRTP), and secure RTP (SRTP) for these signaling protocols

Fax passthrough, Cisco fax relay, T37 fax store-and-forward, and T.38 fax relay (including T.38 gateway-controlled MGCP fax relay)

Dual tone multifrequency (DTMF) Relay—OOB and RFC2833

Silence suppression/comfort noise

G.711 (a-law and u-law), G.729A, G.729AB, G.729, G.729B, G.726

Support of SRST failover to a Foreign Exchange Office (FXO) or BRI backup port connected to PSTN in case of WAN failure

Direct inward dialing (DID) on FXS

Cisco 890 Series ISRs

The Cisco 890 series ISRs are fixed-configuration data routers. These routers have a Gigabit Ethernet WAN port and data backup ports.

The Cisco 890 Series ISRs support the AIM2-CUE-K9 and AIM2-APPRE-104-K9.

Table 1-3 gives the port configurations for the Cisco 890 Series ISRs.

Table 1-3

Port Configurations of the Cisco 890 Series ISRs

   

Data Backup

Model

WAN Port

FE

V.92

ISDN

891 and 891W

GE

x

x

892 and 892W

GE

x

x

The following features are supported:

8-port 10/100 FE LAN Switch, page 1-4

802.11n Wireless LAN Option, page 1-5

Real-Time Clock, page 1-5

Security Features, page 1-5

8-port 10/100 FE LAN Switch

This switch provides eight ports for connecting to 10/100BASE-T FE LANs, access points, or IP phones. In addition, an upgrade is available that gives Power over Ethernet (PoE) on four of the ports to provide power to access points or phones.

1-4

the ports to provide power to access points or phones. 1-4 Cisco 860 Series, Cisco 880

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

OL-18906-02

Chapter 1

Product Overview

Licensing

802.11n Wireless LAN Option

The Cisco 890W series ISRs have integrated 802.11b/g/n and 802.11a/n dual radio modules for wireless LAN connectivity. With these modules, the router can act as an access point in the local infrastructure.

Real-Time Clock

A real-time clock (RTC) provides date and time when the system is powered on. The RTC is used to verify the validity of the Certification Authority stored on the router.

Security Features

The Cisco 890 platforms provide the following security features:

Intrusion Prevention System (IPS)

Dynamic Multipoint VPN (DMVPN)

IPsec

Quality of service (QoS)

Firewall

URL filtering

Licensing

The Cisco 860, Cisco 880, and Cisco 890 ISRs ship with licensed software installed. Software features may be upgraded and the software licenses may be managed through Cisco Licensing Manager. See Software Activation On Cisco Integrated Services Routers on Cisco.com for details.

When you order a new router, you specify the software image and feature set that you want. The image and feature set are installed on your router before you receive it, so you do not need to purchase a software license. The router stores the software license file on the flash memory.

Selecting Feature Sets

Some feature sets are bundled and offered with a software license that is installed on the hardware platforms. For a list of features available with a software license on the Cisco 860, Cisco 880, and Cisco 890 platforms, see the Cisco 860 Data Sheet, the Cisco 880 Data Sheet, and the Cisco 890Data Sheet. See Cisco IOS Software Activation Tasks and Commands on Cisco.com for details about how to activate and manage the software licenses.

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide 1-5 OL-18906-02

1-5

OL-18906-02

Licensing

Chapter 1

Product Overview

1-6

Licensing Chapter 1 Product Overview 1-6 Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

OL-18906-02

CHAPTER 2 Wireless Device Overview Revised: , OL-18906-02 Wireless devices (commonly configured as access points

CHAPTER

2

Wireless Device Overview

Revised: , OL-18906-02

Wireless devices (commonly configured as access points) provide a secure, affordable, and easy-to-use wireless LAN solution that combines mobility and flexibility with the enterprise-class features required by networking professionals. When configured as a access point, the wireless device serves as the connection point between wireless and wired networks or as the center point of a stand-alone wireless network. In large installations, wireless users within radio range of a can roam throughout a facility while maintaining seamless, uninterrupted access to the network.

With a management system based on Cisco IOS software, wireless devices are Wi-Fi CERTIFIED™, 802.11a-compliant, 802.11b-compliant, 802.11g-compliant, and 802.11n-compliant wireless LAN transceivers.

Software Modes

The access point is shipped with an autonomous image and recovery image on the access point’s flash. The default mode is autonomous, however the access point can be upgraded to operate in Cisco Unified Wireless mode.

Each mode is described below:

Autonomous mode— supports standalone network configurations, where all configuration settings are maintained locally on the wireless device. Each autonomous device can load its starting configuration independently, and still operate in a cohesive fashion on the network.

Cisco Unified Wireless mode— operates in conjunction with a Cisco Unified Wireless LAN controller, where all configuration information is maintained within the controller. In the Cisco Unified Wireless LAN architecture, wireless devices operate in the lightweight mode using Leightweight Access Point Protocol (LWAPP), (as opposed to autonomous mode). The lightweight access point, or wireless device, has no configuration until it associates to a controller. The configuration on the wireless device can be modified by the controller only when the networking is up and running. The controller manages the wireless device configuration, firmware, and control transactions such as 802.1x authentication. All wireless traffic is tunneled through the controller.

See Why Migrate to a Cisco Unified Wireless Network? on Cisco.com for more about this network architecture design,

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide 2-1 OL-18906-02

2-1

OL-18906-02

Management Options

Chapter 2

Wireless Device Overview

Management Options

The wireless device runs its own version of Cisco IOS software that is separate from the Cisco IOS software operating on the router. You can configure and monitor the access point with several different tools:

Cisco IOS software command-line interface (CLI)

Simple Network Management Protocol (SNMP)

Web-browser interface

hap2-gui.html Note The web-browser interface is fully compatible with

Note

The web-browser interface is fully compatible with Microsoft Internet Explorer version 6.0 on Windows 98, 2000, and XP platforms, and with Netscape version 7.0 on Windows 98, 2000, XP, and Solaris platforms.

version 7.0 on Windows 98, 2000, XP, and Solaris platforms. Note Avoid usingthe CLI and the

Note

Avoid usingthe CLI and the web-browser tools concurrently to configure the wireless device. If you configure the wireless device using the CLI, the web-browser interface may display an inaccurate interpretation of the configuration. This inappropriate display of information does not necessarily mean the wireless device is misconfigured.

Use the interface dot11radio global configuration CLI command to place the wireless device into the radio configuration mode.

2-2

the wireless device into the radio configuration mode. 2-2 Cisco 860 Series, Cisco 880 Series, and

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

OL-18906-02

Chapter 2

Wireless Device Overview

Network Configuration Examples

Network Configuration Examples

Setup the access point role in any of these common wireless network configurations. The access point default configuration is as a root unit connected to a wired LAN or as the central unit in an all-wireless network. Access points can also be configured as bridges and workgroup bridges. These roles require specific configurations, as defined in the following examples.

Root Access Point, page 3

Central Unit in an All-Wireless Network, page 4

Root Access Point

An access point connected directly to a wired LAN provides a connection point for wireless users. If more than one access point is connected to the LAN, users can roam from one area of a facility to another without losing their connection to the network. As users move out of range of one access point, they automatically connect to the network (associate) through another access point. The roaming process is seamless and transparent to the user. Figure 1 shows access points acting as root units on a wired LAN.

Figure 1 Access Points as Root Units on a Wired LAN Access point Access point
Figure 1
Access Points as Root Units on a Wired LAN
Access point
Access point
135445

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide 2-3 OL-18906-02

2-3

OL-18906-02

Network Configuration Examples

Chapter 2

Wireless Device Overview

Central Unit in an All-Wireless Network

In an all-wireless network, an access point acts as a stand-alone root unit. The access point is not attached to a wired LAN; it functions as a hub linking all stations together. The access point serves as the focal point for communications, increasing the communication range of wireless users. Figure 2 shows an access point in an all-wireless network.

Figure 2

Access Point as Central Unit in All-Wireless Network

Access point

135443
135443

2-4

Central Unit in All-Wireless Network Access point 135443 2-4 Cisco 860 Series, Cisco 880 Series, and

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

OL-18906-02

CHAPTER 3 Basic Router Configuration This chapter provides procedures for configuring the basic parameters of

CHAPTER

3

Basic Router Configuration

This chapter provides procedures for configuring the basic parameters of your Cisco router, including global parameter settings, routing protocols, interfaces, and command-line access. It also describes the default configuration on startup.

Interface Ports, page 3-2

Default Configuration, page 3-2

Information Needed for Configuration, page 3-4

Configuring Command-Line Access, page 3-5

Configuring Global Parameters, page 3-7

Configuring WAN Interfaces, page 3-7

Configuring the Fast Ethernet LAN Interfaces, page 3-26

Configuring the Wireless LAN Interface, page 3-26

Configuring a Loopback Interface, page 3-26

Configuring Static Routes, page 3-27

Configuring Dynamic Routes, page 3-29

Routes, page 3-27 • Configuring Dynamic Routes, page 3-29 Note Individual router models may not support

Note

Individual router models may not support every feature described in this guide. Features that are not supported by a particular router are indicated whenever possible.

This chapter includes configuration examples and verification steps, as available.

For complete information on how to access global configuration mode, see the “Entering Global Configuration Mode” section in Appendix A, “Cisco IOS Basic Skills.”

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide 3-1 OL-18906-02

3-1

OL-18906-02

Interface Ports

Chapter 3

Basic Router Configuration

Interface Ports

Table 3-1 lists the interfaces that are supported for each router and their associated port labels on the equipment.

Table 3-1

Supported Interfaces and Associated Port Labels by Cisco Router

Router

Interface

Port Label

Cisco 860, Cisco 880, and Cisco 890 series

Fast Ethernet LAN

LAN, FE0–FE3

Wireless LAN

(no label)

Cisco 861, 861W, 881, 881W, 881G, 881GW

Fast Ethernet WAN

WAN, FE4

Cisco 867, 867W

ADSL2oPOTS WAN

ADSLoPOTS

Cisco 886, 886W, 886G,

ADSL2oISDN WAN

ADSLoPOTS

886GW

Cisco 887, 887W

ADSL2oPOTS WAN

ADSLoPOTS

Cisco 887V, 887VW, 887VG, 887VGW

VDSL2oPOTS WAN

VDSLoPOTS

Cisco 888, 888W

G.SHDSL WAN

G.SHDSL

Cisco 891, 892

Fast Ethernet WAN

FE8

Gigabit Ethernet WAN

WAN GE 0

Default Configuration

When you first boot up your Cisco router, some basic configuration has already been performed. All of the LAN and WAN interfaces have been created, console and vty ports are configured, and the inside interface for Network Address Translation (NAT) has been assigned. Use the show running-config command to view the initial configuration, as shown in the following example for a Cisco 881W.

Router# show running-config

User Access Verification

Password:

Router> en Password:

Router# show running-config Building configuration

Current configuration : 986 bytes

!

version 12.4

no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption

!

hostname Router

!

boot-start-marker

3-2

! hostname Router ! boot-start-marker 3-2 Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

OL-18906-02

Chapter 3

Basic Router Configuration

Default Configuration

boot-end-marker

!

enable secret 5 $1$g4y5$NxDeM.0hON6YA51bcfGvN1 enable password ciscocisco

!

no aaa new-model

!

!

!

!

no ip routing no ip cef

!

!

!

!

!

multilink bundle-name authe

!

!

archive

log config

hidekeys

!

!

!

!

!

interface FastEthernet0

!

interface FastEthernet1

shutdown

!

interface FastEthernet2

shutdown

!

interface FastEthernet3

shutdown

!

interface FastEthernet4 ip address 10.1.1.1 255.255.255.0 no ip route-cache duplex auto

speed auto

!

interface Vlan1 no ip address no ip route-cache shutdown

!

interface wlan-ap0 description Service Module interface to manage the embedded AP

ip unnumbered Vlan1 no cdp enable arp timeout 0

!

ip route 0.0.0.0 0.0.0.0 10.1.1.1

!

!

no ip http server

no ip http secure-server

!

!

!

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide 3-3 OL-18906-02

3-3

OL-18906-02

Information Needed for Configuration

Chapter 3

Basic Router Configuration

!

!

control-plane

!

!

line con 0 no modem enable line aux 0 line vty 0 4 password cisco login transport input telnet ssh

!

scheduler max-task-time 5000

!

webvpn cef

end

Router#

Information Needed for Configuration

You need to gather some or all of the following information, depending on your planned network scenario, before configuring your network:

If you are setting up an Internet connection, gather the following information:

PPP client name that is assigned as your login name

PPP authentication type: Challenge Handshake Authentication Protocol (CHAP) or Password Authentication Protocol (PAP)

PPP password to access your Internet service provider (ISP) account

DNS server IP address and default gateways

If you are setting up a connection to a corporate network, you and the network administrator must generate and share the following information for the WAN interfaces of the routers:

PPP authentication type: CHAP or PAP

PPP client name to access the router

PPP password to access the router

If you are setting up IP routing:

Generate the addressing scheme for your IP network.

Determine the IP routing parameter information, including IP address and ATM permanent virtual circuits (PVCs). These PVC parameters are typically virtual path identifier (VPI), virtual circuit identifier (VCI), and traffic-shaping parameters.

Determine the number of PVCs that your service provider has given you, along with their VPIs and VCIs.

For each PVC determine the type of AAL5 encapsulation supported. It can be one of the following:

3-4

encapsulation supported. It can be one of the following: 3-4 Cisco 860 Series, Cisco 880 Series,

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

OL-18906-02

Chapter 3

Basic Router Configuration

Configuring Command-Line Access

AAL5SNAP—This can be either routed RFC 1483 or bridged RFC 1483. For routed RFC 1483, the service provider must provide you with a static IP address. For bridged RFC 1483, you may use DHCP to obtain your IP address, or you may obtain a static IP address from your service provider.

AAL5MUX PPP—With this type of encapsulation, you need to determine the PPP-related configuration items.

If you plan to connect over an ADSL or G.SHDSL line:

Order the appropriate line from your public telephone service provider.

For ADSL lines—Ensure that the ADSL signaling type is DMT (also known as ANSI T1.413) or DMT Issue 2.

For G.SHDSL lines—Verify that the G.SHDSL line conforms to the ITU G.991.2 standard and supports Annex A (North America) or Annex B (Europe).

Once you have collected the appropriate information, you can perform a full configuration on your router, beginning with the tasks in the “Configuring Command-Line Access” section on page 3-5.

If you plan to connect voice equipment:

To obtain or change software licenses:

Configuring Command-Line Access

To configure parameters to control access to the router perform these steps, beginning in global configuration mode:

Step 1

Step 2

Step 3

Command

Purpose

line [aux | console | tty | vty] line-number

Enters line configuration mode, and specifies the type of line.

Example:

This example specifies a console terminal for access.

Router(config)# line console 0 Router(config-line)#

password password

Specifies a unique password for the console terminal line.

Example:

Router(config)# password 5dr4Hepw3 Router(config-line)#

 

login

Enables password checking at terminal session login.

Example:

Router(config-line)# login Router(config-line)#

 

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide 3-5 OL-18906-02

3-5

OL-18906-02

Configuring Command-Line Access

Chapter 3

Basic Router Configuration

Step 4

Step 5

Step 6

Step 7

Step 8

Example

Command

Purpose

exec-timeout minutes [seconds]

Sets the interval that the EXEC command interpreter waits until user input is detected. The

Example:

Router(config-line)# exec-timeout 5 30 Router(config-line)#

default is 10 minutes. Optionally, add seconds to the interval value.

This example shows a timeout of 5 minutes and 30 seconds. Entering a timeout of 0 0 specifies never to time out.

line [aux | console | tty | vty] line-number

Specifies a virtual terminal for remote console access.

Example:

Router(config-line)# line vty 0 4 Router(config-line)#

 

password password

Specifies a unique password for the virtual terminal line.

Example:

Router(config-line)# password aldf2ad1 Router(config-line)#

 

login

Enables password checking at the virtual terminal session login.

Example:

Router(config-line)# login Router(config-line)#

 

end

Exits line configuration mode, and returns to privileged EXEC mode.

Example:

Router(config-line)# end Router#

 

The following configuration shows the command-line access commands.

You do not need to input the commands marked “default.” These commands appear automatically in the configuration file generated when you use the show running-config command.

!

line con 0 exec-timeout 10 0 password 4youreyesonly

login transport input none (default) stopbits 1 (default) line vty 0 4 password secret login

!

3-6

1 (default) line vty 0 4 password secret login ! 3-6 Cisco 860 Series, Cisco 880

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

OL-18906-02

Chapter 3

Basic Router Configuration

Configuring Global Parameters

Configuring Global Parameters

To configure selected global parameters for your router, perform these steps:

Step 1

Step 2

Step 3

Step 4

Command

Purpose

configure terminal

Enters global configuration mode, when using the console port.

Example:

If you are connecting to the router using a remote terminal, use the following:

telnet router name or address Login: login id Password: ********* Router> enable

Router> enable Router# configure terminal Router(config)#

hostname name

Specifies the name for the router.

Example:

Router(config)# hostname Router Router(config)#

enable secret password

Specifies an encrypted password to prevent unauthorized access to the router.

Example:

Router(config)# enable secret cr1ny5ho Router(config)#

 

no ip domain-lookup

Disables the router from translating unfamiliar words (typos) into IP addresses.

Example:

Router(config)# no ip domain-lookup Router(config)#

 

Configuring WAN Interfaces

Configure the WAN interface for your router using one of the following as appropriate:

Configuring a Fast Ethernet WAN Interface, page 3-8

Configuring a Gigabit Ethernet WAN Interface, page 3-9

Configuring a V.92 Modem Interface, page 3-9

Configuring a VDSL2 WAN Interface, page 3-11

Configuring a G.SHDSL WAN Interface, page 3-12

Configuring the Cellular Wireless WAN Interface, page 3-14

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide 3-7 OL-18906-02

3-7

OL-18906-02

Configuring WAN Interfaces

Chapter 3

Basic Router Configuration

Configuring a Fast Ethernet WAN Interface

To configure the Fast Ethernet interface on a Cisco 861 or 881 ISR, perform these steps, beginning in global configuration mode:

 

Command

Purpose

Step 1

interface type number

Enters the configuration mode for a Fast Ethernet WAN interface on the router.

Example:

Router(config)# interface fastethernet 4 Router(config-if)#

 

Step 2

ip address ip-address mask

Sets the IP address and subnet mask for the specified Fast Ethernet interface.

Example:

Router(config-if)# ip address 192.168.12.2

 

255.255.255.0

Router(config-if)#

Step 3

no shutdown

Enables the Ethernet interface, changing its state from administratively down to administratively up.

Example:

Router(config-if)# no shutdown Router(config-if)#

 

Step 4

exit

Exits configuration mode for the Fast Ethernet interface and returns to global configuration mode.

Example:

Router(config-if)# exit Router(config)#

 

3-8

Router(config-if)# exit Router(config)#   3-8 Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

OL-18906-02

Chapter 3

Basic Router Configuration

Configuring WAN Interfaces

Configuring a Gigabit Ethernet WAN Interface

To configure the Gigabit Ethernet interface on a Cisco 891 or 892 ISR, perform these steps, beginning in global configuration mode:

 

Command

Purpose

Step 1

interface type number

Enters the configuration mode for a Gigabit Ethernet WAN interface on the router.

Example:

Router(config)# interface gigabitethernet 1 Router(config-if)#

 

Step 2

ip address ip-address mask

Sets the IP address and subnet mask for the specified Gigabit Ethernet interface.

Example:

Router(config-if)# ip address 192.168.12.2

 

255.255.255.0

Router(config-if)#

Step 3

no shutdown

Enables the Ethernet interface, changing its state from administratively down to administratively up.

Example:

Router(config-if)# no shutdown Router(config-if)#

 

Step 4

exit

Exits configuration mode for the Gigabit Ethernet interface and returns to global configuration mode.

Example:

Router(config-if)# exit Router(config)#

 

Configuring a V.92 Modem Interface

The Cisco 891 ISR has a V.92 modem backup interface. To configure this interface, perform these steps, beginning in global configuration mode:

 

Command

Purpose

Step 1

interface type number

Enters the configuration mode for a V.92 WAN interface (serial interface) on the router.

Example:

Router(config)# interface async 1

 

Step 2

ip address ip-address mask

Sets the IP address and subnet mask for the specified V.92 interface.

Example:

Router(config-if)# ip address 192.168.12.2

 

255.255.255.0

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide 3-9 OL-18906-02

3-9

OL-18906-02

Configuring WAN Interfaces

Chapter 3

Basic Router Configuration

 

Command

Purpose

Step 3

encapsulation ppp

Sets the encapsulation method to point-to-point protocol (PPP) for the serial interface.

Example:

Router(config-if)# encapsulation ppp

 

Step 4

dialer in-band

Specifies that dial-on-demand routing (DDR) is supported.

Example:

Router(config-if)# dialer in-band

 

Step 5

dialer string dial-string

Specifies the string (telephone number) to be used when placing a call from the interface.

Example:

Router(config-if)# dialer string 102

 

Step 6

dialer-group group-number

Configures the interface to belong to a specific dialing access group.

Example:

Router(config-if)# dialer-group 1

 

Step 7

async mode dedicated

Places the line into dedicated asynchronous mode using Serial Line Internet Protocol (SLIP) or PPP encapsulation.

Example:

Router(config-if)# async mode dedicated

 

Step 8

exit

Exits configuration mode for the V.92 interface and returns to global configuration mode.

Example:

Router(config-if)# exit Router(config)#

 

3-10

Router(config-if)# exit Router(config)#   3-10 Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

OL-18906-02

Chapter 3

Basic Router Configuration

Configuring WAN Interfaces

Configuring a VDSL2 WAN Interface

The VDSL2 WAN interface is used on the Cisco 887V ISR platforms. Note that the VDSL2 WAN interface uses Ethernet as the Layer 2 transport mechanism. To configure VDSL2 on the Cisco 887V ISR, perform these steps, beginning in global configuration mode.

Step 1

Step 2

Step 3

Step 4

Step 5

Step 6

Command

Purpose

controller vdsl 0

Enters controller configuration mode and the controller number.

Example:

Example:

Router# config t Router(config)# controller vdsl 0

Note

There is no need to configure any VDSL2 parameters from CPE side. Any specific VDSL2 settings should be set on the DSLAM side.

interface type number

Enters the configuration mode for Ethernet Layer 2 transport on the VDSL WAN interface on the router.

Example:

Router(config)# interface ethernet 0 Router(config-if)#

 

ip address ip-address mask

Sets the IP address and subnet mask for the interface.

Example:

Router(config-if)# ip address 192.168.12.2

 

255.255.255.0

Router(config-if)#

shutdown

Disables the interface, changing its state from administratively up to administratively down.

Example:

Router(config-if)# no shutdown Router(config-if)#

 

no shutdown

Enables the interface, changing its state from administratively down to administratively up.

Example:

Router(config-if)# no shutdown Router(config-if)#

 

exit

Exits configuration mode and returns to global configuration mode.

Example:

Router(config-if)# exit Router(config)#

 

Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide

Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide 3-11 OL-18906-02

3-11

OL-18906-02

Configuring WAN Interfaces

Chapter 3