Cisco 700 Series Router Configuration Guide Software Release 4.4. Corporate Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
CONTE NTS About This Manual vii Related Documentation Conventions Chapter 1 Overview viii ix 1-1 Supported Protocols Software Images 1-1 1-2 Administrative Configuration Options Chapter 2 1-3 Using Profiles with Cisco 700 Series Routers Profile Overview 2-1 Profiles and Connections 2-1 2-2 System and Profile Parameters System Mode Parameter Set Profile Mode Parameter Set Permanent Profiles 2-4 2-2 2-3 2-3 Creating and Modifying Profiles 2-5 Displaying Profile Configurations 2-5 Removing P
Password and Secret 3-4 Additional Reference 3-4 Starting Point 3-4 Setting SPID Autodetection (North America only) 3-5 Setting SPIDs Manually (North America only) 3-6 Bridging with a Cisco 700 Series Router 3-7 Cisco 700 Series Router Bridging Instructions 3-8 Routing IP with a Cisco 700 Series Router to an ISP 3-9 Routing a Cisco 700 Series Router to an ISP Instructions Routing IP to a Central Site 3-11 Central Site IP Routing Command Summary 3-13 Routing IP and IPX On-Demand 3-14 On-Demand IP and IPX
Dynamic Routing Protocols 4-14 Bridging to a Router Running Cisco IOS Software Chapter 5 4-15 Configuring DHCP Relay, DHCP Server, and PAT DHCP Description 5-2 DHCP Server Application Notes DHCP Relay Application Notes PAT Description 5-3 PAT Application Notes 5-1 5-2 5-3 5-3 IPCP Description 5-4 IPCP Address Negotiation Application Notes PPP IPCP Negotiation Example 5-5 Cisco 765 Series Router Commands Verify the Configuration 5-6 5-4 5-5 DHCP Relay with IPCP Negotiation Example Cisco 765 Serie
Chapter 6 Configuring Remote CAPI 6-1 CAPI and RVS-COM 6-2 Supported D-Channel Protocols 6-3 Supported Applications 6-3 Remote CAPI Router Commands 6-3 Configuring the Cisco 700 Router as an RCAPI Server RCAPI Command Summary 6-4 Verify the Configuration 6-5 Appendix A Token Card and Cisco Secure Authentication Support Token Caching vi Cisco 700 Series Router Configuration Guide A-2 6-4 A-1
About This Manual This chapter discusses the organization, related documentation, and conventions of the Cisco 700 Series Router Configuration Guide. This document is organized as follows: • Chapter 1, “Overview,” provides a brief overview of Cisco IOS-700 software and supported protocols. • Chapter 2, “Using Profiles with Cisco 700 Series Routers,” describes a set of user-defined parameters grouped in a customized profile and associated with a specific remote device.
Related Documentation Related Documentation The following documentation is also provided with your Cisco 700 series router: • Release Notes for Cisco 700 Series Router Software provides the latest information on the router software. Release notes for previous versions of the software are on the Cisco Documentation CD-ROM and the Cisco Web site.
Conventions Conventions This publication uses the following conventions to convey instructions and information: • The caret character (^) represents the Control key. For example, the key combinations ^D and Ctrl-D are equivalent: Both mean hold down the Control key while you press the D key. Keys are indicated in capitals, but are not case sensitive. • A string is defined as a nonquoted set of characters. There are a few strings that include quotation marks as part of the statement.
Conventions The actual commands you enter are not case sensitive. The capitalization and bold type are used in this manual only to differentiate the characters required for the abbreviated forms of commands.
CH APTE R 1 Overview Cisco 700 series routers connect small office Ethernet LANs to corporate networks through Integrated Services Digital Network (ISDN) Basic Rate Interface (BRI) lines. After configuration, the router automatically routes packets to and from remote destinations using IP or Internetwork Packet Exchange (IPX). The Cisco 700 series router is a fixed configuration router. The router operating system is called Cisco IOS-700 software and is unique to the Cisco 700 series router.
Software Images • • • • • • • • • Trivial File Transfer Protocol (TFTP server) Simple Network Management Protocol (SNMP) Routing Information Protocol (RIP) for IP and IPX Triggered RIP for IP Challenge Handshake Authentication Protocol (CHAP) Dynamic Host Configuration Protocol (DHCP) Port Address Translation (PAT) Remote Common Application Programmers Interface (RCAPI) ISDN Device Control Protocol (ISDN-DCP) Software Images The Cisco 700 Series routers run a proprietary Cisco software (Cisco IOS-700 sof
Administrative Configuration Options • Remote Office (IP/IPX, 1500 LAN devices, compression) images have an "r" designation. • Remote Office X.25 (IP/IPX, 1500 LAN devices, compression, X.25) images have an "rxd" designation. So the example image named "c760-in.b-TPH.43-1.bin" is a Series 760 router image software Release 4.3(1) with the Internet Ready feature set for Australia. (All Cisco 700 series routers run Series 760 router images. There are no Series 770 router images.
Administrative Configuration Options 1-4 Cisco700 Series Router Command Reference
CH APTE R 2 Using Profiles with Cisco 700 Series Routers A profile is a set of configuration parameters associated with ports on the router or WAN devices. This chapter contains the following sections: • • • • • Profile Overview System and Profile Parameters Creating and Modifying Profiles Incoming Calls Outgoing Calls Profile Overview There are two modes in which you can set parameters, the system mode and the profile mode. System mode parameters affect the configuration on a global level.
System and Profile Parameters In addition to user-defined profiles, there are three permanent profiles, Internal, LAN, and Standard. The Internal profile stores parameters used to communicate between the LAN and WAN ports on the Cisco 700 series router. The LAN profile stores parameters that configure the LAN port on the router. The Standard profile is the default profile.
System Mode Parameter Set All profiles are based on the profile template and inherit the system-level values. When you create a new profile, its default values are taken from the profile template. System Mode Parameter Set System mode parameters affect the router as a system. Table 2-1 lists the system parameters.
System and Profile Parameters Table 2-2 lists the parameters that can be configured in a profile.
Creating and Modifying Profiles Creating and Modifying Profiles A new profile is created with the set user command. When you create a new profile, you automatically enter profile mode for that profile. The following example creates a user profile called tomd.
Incoming Calls In the following example, the profile parameter number is removed from the profile by using the unset command: Host:Profile> unset number Deleting Profiles The reset user command deletes a user-defined profile from the router. The three permanent profiles (LAN, Internal, and Standard) cannot be deleted. This command also closes any connection associated with the profile.
Outgoing Calls If the profile is configured to remain active after a link disconnects, a virtual connection remains. The virtual connection monitors the LAN traffic. If packets destined for the WAN are detected, the router opens up the physical connection and forwards the packets. If the profile is configured to become inactive after a link disconnects, both the physical link and the virtual connection to the remote router are disconnected until another call is received from the same remote router.
Outgoing Calls 2-8 Cisco700 Series Router Configuration Guide
CH APTE R 3 Basic Configurations This chapter contains basic configuration examples for connecting a Cisco 700 series router to an Internet service provider (ISP) or to a central site, such as your company network. It is assumed that your router is cabled as described in the Cisco 700 Quick Reference Guide.
Basic Configuration Concepts Bridges and Routers Routers forward packets on to specific network segments based on a logical network address, reducing network traffic by keeping unnecessary packets off network segments by only forwarding packets to segments as required. A bridge joins individual network segments into a single network. The bridge floods packets on to all the network segments it is connected to. In other words, bridges offer simplicity and routers offer a greater degree of control.
Current Configuration You can display the current configuration at any time using the show configuration command. If you issued the command in system mode, system mode commands display. If you issue the command in profile mode, profile mode commands display. An asterisk (*) next to a value indicates the value has been modified from the default value.
Basic Configuration Concepts The following sample display shows output for the Cisco 700 series routers, from the show configuration command in system mode: Host> show config System Parameters Environment Screen Length Echo Mode CountryGroup Bridging Parameters LAN Forward Mode WAN Forward Mode Address Age Time Call Startup Parameters Multidestination Line Parameters Switch Type Call Parameters Retry Delay Profile Parameters Bridging Parameters Bridging Routed Protocols Learn Mode Passthru Call Startup Par
Password and Secret There are several types of authentication, such as Password Authentication Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP). To avoid confusion, the PAP password is referred to as password, and the CHAP secret password is referred to as secret. The PAP password is plain text. The CHAP secret is encrypted.
Starting Point Setting a SPID is described in the section “Setting SPID Autodetection (North America only)” in this chapter (recommended if you are connecting to a service provider where the ISDN switch type is DMS-100 or National ISDN-1 (NI1)) or to enter the SPIDs manually, as described in the section “Setting SPIDs Manually (North America only)” in this chapter.
Setting SPIDs Manually (North America only) SPIDs can be detected automatically using the set autodetection command, or SPIDs can be entered manually, as described in this section. If the service provider switch type is 5ESS Custom PPP, you do not need to enter SPIDs; go to the next section. If the service provider switch type is DMS-100, National (NI1), or 5ESS Multipoint, continue with this section.
Bridging with a Cisco 700 Series Router values for DMS-100 and NI1 switches: ISDN number, 4085551212; SPID 1, 408555121201; SPID 2, 408555121202. In this case the SPID is the 10-digit ISDN number ending with a “01” for SPID 1 and a “02” for SPID 2. Bridging with a Cisco 700 Series Router This section describes how to bridge a Cisco 700 series router over an ISDN line to another router. Bridging is used in cases where you do not need a lot of filtering to manage the network.
across the ISDN line. In a bridging scenario, the router does not need an IP address and bridging occurs regardless. The IP address is used when the router is being managed remotely by a Telnet session or participating in SNMP. Both sides of the WAN must be configured with PPP host names, secrets, and passwords for authentication. Each profile must also include dialing information. Cisco 700 Series Router Bridging Instructions The IP address and subnet mask are not entered.
Routing IP with a Cisco 700 Series Router to an ISP The example also uses an unnumbered IP address on the Cisco 700 series router and a dynamically-assigned IP address from the ISP, a common practice used to conserve IP addresses. Figure 3-2 Connecting to an ISP–Example Configuration ISDN (WAN) interface IP address: 0.0.0.0. Subnetwork mask: 0.0.0.0. Ethernet (LAN) interface IP address: 172.16.17.9 Subnet mask: 255.255.255.
Routing a Cisco 700 Series Router to an ISP Instructions Following is the command summary for configuring the remote Cisco 700 series router to connect to an ISP: set system 764 cd lan set ip address 172.16.17.9 set ip netmask 255.255.255.248 set ip routing on set user isp set number 5558011 set ppp password client set ppp secret client set ppp address negotiation local on set ip routing on set ip route destination 0.0.0.0/0 gateway 0.0.0.0 propagate on set bridging off set ip address 0.0.0.
Routing IP to a Central Site Routing IP to a Central Site—Example Configuration Ethernet interface IP address: 172.15.1.100 IP subnet mask: 255.255.255.0 ISDN interface IP address: 10.48.125.7 IP subnet mask: 255.255.255.0 Ethernet interface IP address: 172.16.17.9 IP subnet mask: 255.255.255.0 ISDN interface IP address: 10.48.125.4 IP subnet mask: 255.255.255.
Central Site IP Routing Command Summary Following is the command summary for configuring the remote Cisco 765 router for on-demand IP routing using PPP: set system remote765 set multidestination on cd LAN set ip address 172.16.17.9 set ip netmask 255.255.255.0 set ip routing on set ip rip update periodic set user central765 set ppp password client set ppp secret client set ip address 10.48.125.7 set ip netmask 255.255.255.0 set ip routing on set ip rip update demand set ip route destination 0.0.0.
Routing IP and IPX On-Demand Following is the command summary for configuring the central site Cisco 700 series router for on-demand IP routing with PPP: set system central766 set multidest on set ppp auth in chap set ppp secret host cd lan set ip address 172.15.1.100 set ip netmask 255.255.255.0 set ip routing on set ip rip update periodic set user remote765 set ppp auth out chap set ppp secret client set bridging off set ip address 10.48.125.4 set ip netmask 255.255.255.
Routing IP and IPX On-Demand—Example Configuration ISDN interface IP address: 10.32.125.7 IP subnet mask: 255.255.255.0 IPX network: 32125 Ethernet interface IP address: 172.16.17.9 IP subnet mask: 255.255.255.0 IPX network: 1478 IPX Framing 802.2 765 Cisco765 Remote router System name: remote765 ISDN number: 5553693/4 User profile name: central765 Ethernet interface IP address: 172.15.1.100 IP subnet mask: 255.255.255.0 IPX network: 73146 IPX framing 802.2 ISDN interface IP address: 10.32.125.
Routing IP and IPX On-Demand On-Demand IP and IPX Routing with PPP Instructions Following is the command summary for configuring the remote Cisco 765 router for on-demand IP and IPX routing using PPP: set system remote765 set multidestination on set ppp password client set ppp secret client set ppp auth out chap set ppp password host set ppp secret host cd LAN set ipx routing on set ipx network 1478 set ipx framing 802.2 set ipx rip update periodic set ip address 172.16.17.9 set ip netmask 255.255.255.
Central Site On-Demand IP and IPX Routing with PPP Commands Following is the command summary for configuring the central site Cisco 700 series router router for on-demand IP and IPX routing using PPP: set system central765 set multidestination on set ppp auth in chap set ppp secret client cd lan set ipx routing on set ipx network 73146 set ipx framing 802.2 set ipx rip update periodic set ip address 172.15.1.100 set ip netmask 255.255.255.
Routing IP and IPX On-Demand 3-18 Cisco 700 Series Router Configuration Guide
CH APTE R 4 Using CHAP This chapter contains configuration examples for connecting a Cisco 700 series router to a router running Cisco IOS software. In these examples, the remote router is a Cisco 765 series router, and the central site router is a Cisco 4500 series router. Any Cisco 700 series router can be used in place of the remote Cisco 765 series router. Any router running Cisco IOS software can replace the central site Cisco 4500 series router.
SPID Detection (North America only) SPID Detection (North America only) In North America, SPIDs can be automatically detected or manually configured. For more information on SPID detection, see "Setting SPID Autodetection (North America only)" and "Setting SPIDs Manually (North America only)" in the "Basic Configurations" chapter.
Remote Cisco 765 Command Summary Remote Cisco 765 Command Summary Following is the command summary for configuring the remote Cisco 765 series router for IP static routing and callback with CHAP authentication: set switch 5ess set 1 dir directory_number set 2 dir directory_number set system 765 set ppp authentication incoming chap set ppp secret client set multidestination on cd lan set ip address 192.168.147.9 set ip netmask 255.255.255.
IP Static Routing with CHAP Authentication and MLP IP Static Routing with CHAP Authentication and MLP This section describes how to configure the central site Cisco 4500 series router and the remote Cisco 765 series router for IP static routing with Challenge Handshake Authentication Protocol (CHAP) and Multilink Protocol (MLP). Figure 4-2 is an illustration of the configuration used in this example. IP Static Routing with CHAP Authentication and MLP Serial interface IP address: 172.16.125.
Remote Cisco 765 Command Summary Remote Cisco 765 Command Summary Following is the command summary to configure the remote Cisco 765 series router for IP static routing with CHAP and MLP: set switch 5ess set 1 dir directory_number set 2 dir directory_number set system 765 set multidestination on set ppp multilink on set ppp authentication incoming chap set ppp authentication outgoing chap cd lan set ip address 192.168.147.9 set ip netmask 255.255.255.
IP Static Routing with PAP Authentication and MLP IP Static Routing with PAP Authentication and MLP This section describes how to configure the central site Cisco 4500 series router and the remote Cisco 765 series router for Internet Protocol (IP) static routing with Password Authentication Protocol (PAP) authentication. Figure 4-3 is an illustration of the configuration used in this example. IP Static Routing with PAP Authentication Serial interface IP address: 172.16.125.7 IP subnet mask: 255.255.255.
Remote Cisco 765 Command Summary Remote Cisco 765 Command Summary Following is the command summary to configure the remote Cisco 765 series router for IP static routing with PAP authentication: set switch 5ess set 1 dir directory_number set 2 dir directory_number set system 765 set multidestination on set ppp multi on set ppp authentication in pap set ppp authentication out pap cd lan set ip address 192.168.147.9 set ip netmask 255.255.255.
IP Unnumbered Static Routing and CHAP with MLP IP Unnumbered Static Routing and CHAP with MLP This section describes how to configure the central site Cisco 4500 series router and the remote Cisco 765 series router for Internet Protocol (IP) unnumbered routing with Challenge Handshake Authentication Protocol (CHAP) authentication and Multilink Protocol (MLP). Figure 4-4 is an illustration of the configuration used in this example.
Remote Cisco 765 Command Summary Remote Cisco 765 Command Summary Following is the command summary for configuring the remote Cisco 765 series router for IP unnumbered routing with CHAP authentication and MLP: set switch 5ess set system 765 set multidestination on set ppp multilink on set ppp authentication incoming chap set ppp authentication outgoing chap set ppp secret client set ppp secret host cd lan set ip address 192.168.147.9 set ip netmask 255.255.255.
IP Static and IPX Static Routing with CHAP and MLP IP Static and IPX Static Routing with CHAP and MLP This section describes how to configure the central site Cisco 4500 series router and Cisco 765 series router for Internet Protocol (IP) static and Internetwork Packet Exchange (IPX) static routing with Point-to-Point Protocol (PPP) using CHAP and MLP. Figure 4-5 is an illustration of the configuration used in this example. IP Static and IPX Static Routing with PPP Serial interface IP address: 172.16.125.
Remote Cisco 765 Command Summary Remote Cisco 765 Command Summary Following is the command summary to configure the remote Cisco 765 series router for IP static and IPX static routing with PPP using CHAP and MLP: set switch 5ess set 1 dir directory_number set 2 dir directory_number set system 765 set multidestination on set ppp authentication incoming chap set ppp authentication outgoing chap set ppp secret client set ppp secret host cd lan set ipx network 1478 set ipx framing 802.
IPX Static Routing with CHAP and MLP IPX Static Routing with CHAP and MLP This section describes how to configure the remote Cisco 765 series router and the central site Cisco 4500 series router for Internetwork Packet Exchange (IPX) static routing with Point-to-Point Protocol (PPP). Figure 4-6 is an illustration of the configuration used in this example.
Remote Cisco 765 Command Summary Remote Cisco 765 Command Summary Following is the command summary for configuring the remote Cisco 765 series router for IPX static routing with PPP: set switch 5ess set 1 dir directory_number set 2 dir directory_number set system 765 set multidestination on set ppp auth in chap set ppp secret client set ppp secret host set multilink on cd lan set ipx network 1478 set ipx framing 802.
Multilink PPP Encapsulation Multilink PPP Encapsulation Cisco 700 series routers implement multilink PPP, which is available in Release 11.0(3) or later of Cisco IOS software. You can disable multilink PPP in the following two environments: • You are connecting your Cisco 700 series router to a router running a Cisco IOS release prior to 11.0(3). • You are connecting your Cisco 700 series router to a router running Cisco IOS Release 11.
Bridging to a Router Running Cisco IOS Software Bridging to a Router Running Cisco IOS Software It is possible to bridge data over ISDN to and from Cisco ISDN routers. Depending on your network environment, this might be an ideal solution. Bridging offers configuration simplicity with few concerns regarding network address space limitations and unroutable protocols. Bridging also offers compatibility with other products that need to bridge.
Bridging to a Router Running Cisco IOS Software 4-16 Cisco700 Series Router Configuration Guide
CH APTE R 5 Configuring DHCP Relay, DHCP Server, and PAT Cisco 700 series routers can perform the role of the relay agent, relaying IP configuration information request packets from the LAN interface, over the ISDN interface, to a specified Dynamic Host Configuration Protocol (DHCP) server. Cisco 700 series routers provide DHCP relay, DHCP server, Port Address Translation (PAT), and Internet Protocol Control Protocol (IPCP).
DHCP Description DHCP Description DHCP is a client-server protocol that allows devices on an IP network (the DHCP clients) to request configuration information from a DHCP server. DHCP allocates network addresses from a central pool on an as-needed basis. DHCP is useful for assigning IP addresses to hosts connected to the network temporarily or for sharing a limited pool of IP addresses among a group of hosts that do not need permanent IP addresses.
DHCP Relay Application Notes DHCP Relay Application Notes The following are application notes for DHCP relay: • The IP address in the Internal profile must be on the same network as that of the DHCP clients. • A firewall configuration (where there is an Internal profile and LAN IP address) does not work with DHCP relay. • A configuration where PAT is on and DHCP relay is enabled is not valid. DHCP relay will attempt to cross from a public to a private domain.
IPCP Description IPCP Description If you are using IP routing, Cisco 700 series routers must be configured for IPCP to connect to routers running Cisco IOS software. Use the set ip framing command in profile mode to enable IPCP for user-defined WAN profiles by setting IP framing to none. The following example illustrates IPCP enabled by disabling IP framing: 766:2503> set ip framing none Note Do not set the ip framing or the ipx framing commands to none when configuring the permanent LAN profile.
PPP IPCP Negotiation Example PPP IPCP Negotiation Example This section describes how to configure a remote Cisco 700 series router for PPP IPCP negotiation to a central site router, such as a Cisco 4500 series router, that is running Cisco IOS software. Figure 5-1 is an illustration of the configuration used in this example.
DHCP Relay with IPCP Negotiation Example Verify the Configuration You can use the show ip configuration all and show ip route all commands to see the IPCP negotiation address. DHCP Relay with IPCP Negotiation Example This section describes how to configure a remote Cisco 700 series router for DHCP relay with IPCP negotiation to a central-site router running Cisco IOS software. Figure 5-2 is an illustration of the configuration used in this example.
Verify the Configuration Verify the Configuration You can use the show ip configuration and show ip route commands to see the IPCP negotiation address. You can use the show dhcp configuration command to see the IP address returned by DHCP. DHCP Server with IPCP Negotiation Example This section describes how to configure a remote Cisco 700 series router as a DHCP server with IPCP negotiation to a central-site router running Cisco IOS software.
DHCP Server with IPCP Negotiation Example Cisco 765 Series Router Commands Following are the commands for configuring the remote Cisco 765 series router as a DHCP server with IPCP negotiation with a Cisco 4500 router: set switch NI-1 set 1 dir 5551211 set 2 dir 5551212 set 1 spid 88855512110101 set 2 spid 88855512120101 set system 765 set dhcp server set dhcp address 172.168.1.2 128 set dhcp netmask 255.255.255.0 set dhcp gateway primary 172.168.1.1 cd lan set ip address 172.168.1.1 set ip netmask 255.255.
PAT with IPCP Single-Destination Negotiation Example PAT with IPCP Single-Destination Negotiation Example This section describes how to configure a remote Cisco 700 series router for PAT with IPCP single-destination negotiation to a central-site router running Cisco IOS software. Figure 5-4 is an illustration of the configuration used in this example. Figure 5-4 PAT with IPCP Single-Destination Negotiation FTP server ISDN network 10.0.0.1 Cisco 765 10.0.0.
PAT with IPCP Single-Destination Negotiation Example Cisco 765 Series Router Commands Following are the commands for configuring the remote Cisco 765 series router for PAT with IPCP single-destination negotiation with a Cisco 4500 router: set system 765 set ip pat po ftp 10.0.0.2 cd lan set ip address 10.0.0.1 set ip netmask 255.0.0.
DHCP Server and PAT with IPCP Single-Destination Negotiation Example DHCP Server and PAT with IPCP Single-Destination Negotiation Example This section describes how to configure a remote Cisco 700 series router for DHCP server with PAT and IPCP single-destination negotiation to a Cisco 4500 series router running Cisco IOS software at a central site. Figure 5-5 is an illustration of the configuration used in this example.
DHCP Server and PAT with IPCP Single-Destination Negotiation Example Cisco 765 Series Router Commands Following are the commands for configuring the remote Cisco 765 series router for PAT with IPCP single-destination negotiation with a Cisco 4500 router: set system 765 set ppp secret client set ppp password client set dhcp server set dhcp address 172.168.99.2 128 set dhcp netmask 255.255.255.0 set dhcp gateway primary 172.168.99.1 set ip pat porthandler ftp 172.168.99.
DHCP Server with PAT and IPCP Dual-Destination PPP Negotiation Example DHCP Server with PAT and IPCP Dual-Destination PPP Negotiation Example This section describes how to configure a remote Cisco 700 series router for DHCP server with PAT and IPCP dual-destination PPP negotiation to two routers running Cisco IOS software. Figure 5-6 is an illustration of the configuration used in this example.
DHCP Server with PAT and IPCP Dual-Destination PPP Negotiation Example Cisco 765 Series Router Commands Following are the commands for configuring the remote Cisco 765 series router as a DHCP server with PAT and IPCP multilink PPP to two routers running Cisco IOS software: set system 765 set ppp secret client set ppp password client set dhcp server set dhcp address 172.168.99.2 128 set dhcp netmask 255.255.255.0 set dhcp gateway primary 172.168.99.1 set ip pat porthandler ftp 172.168.99.
Verify the Configuration Verify the Configuration When a demand call is made, you can use the show ip configuration all command to see the IPCP negotiation address. You can use the show dhcp connections command to see the IP addresses returned by DHCP.
DHCP Server with PAT and IPCP Dual-Destination PPP Negotiation Example 5-16 Cisco700 Series Router Configuration Guide
CH APTE R 6 Configuring Remote CAPI This chapter provides procedures for configuring Remote Common Application Programming Interface (CAPI) support on a Cisco 700 series router. CAPI is an application programming interface standard used to access ISDN equipment connected to Basic Rate Interfaces (BRIs) and Primary Rate Interfaces (PRIs). CAPI provides a standardized interface that allows application programs to use ISDN drivers and controllers. One application can use one or more controllers.
CAPI and RVS-COM CAPI and RVS-COM The Cisco 700 series router supports the ISDN Device Control Protocol (ISDN-DCP) from RVS-COM. ISDN-DCP allows a workstation on the LAN to use legacy dial computer telephony integration (CTI) applications. These applications include fax transmitting and receiving and placing and receiving phone calls. Using ISDN-DCP, the router acts as a DCP server.
Supported D-Channel Protocols — Modem with full negotiation • CAPI layer B3 — Transparent — T.90NL with compatibility with T.70NL, according to T.90 Appendix II — ISO 8208 (X.25 DTE-DTE) modulo 8 and windows size 2, no multiple logical connections — T.30 for fax group 3 — Modem with full negotiation • T.30 for fax group 3 (SFF file format [default], sending and receiving up to 14400 bps with ECM option, modulations V.17, V.21, V.27ter, V.
Configuring the Cisco 700 Router as an RCAPI Server Configuring the Cisco 700 Router as an RCAPI Server This section describes how to configure the Cisco 700 series router to be an RCAPI server. By default, RCAPI is disabled in the router. Enabling RCAPI causes the router to become an RCAPI server. When RCAPI is enabled, the router listens for incoming RCAPI messages from PCs connected on its LAN side. By default, the router listens for RCAPI messages on TCP port 2578.
Verify the Configuration Verify the Configuration You can use the command show rcapi status to see the status of RCAPI server, the clients that are in the listening state, and the status of RCAPI calls: local-router> show rcapi status Rcapi Sever ON Rcapi Server Port 2578 Rcapi Number(s) 5554000 CLIENT SESSION-ID LISTEN CONNECTION-ID TYPE CALL-STATUS -----------------------------------------------------------------------192.168.100.
Configuring the Cisco 700 Router as an RCAPI Server 6-6 Cisco700 Series Router Configuration Guide
APPE NDIX A Token Card and Cisco Secure Authentication Support This appendix provides Token Card and Cisco Secure Authentication support concepts as they apply to the Cisco 700 series router. Cisco Secure Authentication Agent supports single-user mode, which extends B channel authentication to a Cisco Secure Authentication Agent client. Token cards are considered the most secure authentication solution available. There are two kinds of token cards, synchronous and asynchronous.
Token Caching Otherwise, the router sends the request to the source of the interesting packet received if the interesting packet is an IP packet. The router sends the request to the designated client if the interesting packet is not an IP packet. Step 3 The agent software recognizes the UDP/IP packet and opens an authentication window on the terminal. The user enters the username and token. The agent organizes the information into the PAP and CHAP username and password, based on the router configuration.
Token Caching Figure A-2 PAP Client Packet Client PPP PAP Packet username username token token Cisco 700 Series Router Configuration CHAP Local Secret Client username*token PPP PAP Packet username*token MD5 (challenge, knock) Cisco 700 Series Router Configuration authorization protocol = CHAP use local secret = Yes secret = knock 10262 Figure A-3 10260 authorization protocol = PAP local secret = N/A Token Card and Cisco Secure Authentication Support A-3
Token Caching A-4 Cisco700 Series Router Configuration Guide
INDEX Numerics 5ESS 3-6 A Address Resolution Protocol See ARP address, MAC 3-8 addressing, DHCP 5-2 AppleTalk 4-15 ARP, supported protocol 1-1 authentication 2-4 CHAP 3-4 PPP 3-8 autodetection set autodetection command 3-5 troubleshooting 3-6 B B channel 3-6 BCP, supported protocol Bridge Control Protocol See BCP bridging 3-7, 4-15 configuration example interoperability issues C CAPI 6-1 caution description cd command 2-5 x 1-1 3-7 4-15 Challenge Handshake Authentication Protocol See CHAP changing
routing to an ISP 3-9 ISDN PRI 4-1 line 3-5 options 1-3 port 1-3 profiles 2-1 Remote CAPI example 6-4 system level 2-2 Telnet 1-3 Web sources viii connections ISP 3-9 creating profiles 2-5 D deleting profiles 2-6 demand RIP 4-14 DHCP clients 5-2 default gateway 5-2 network addresses 5-2 relay 5-1 with IPCP negotiation 5-6 server 5-2 with IPCP negotiation 5-7 with PAT and IPCP dual-destination PPP negotiation 5-13 with PAT and IPCP single-destination negotiation 5-11 supported protocol 1-2 DMS-100 ISDN BRI
IPX 3-14, 3-17 configuration example, routing IP and IPX on-demand 3-14 IPXCP interoperability issues 5-1 supported protocol 1-1 ISDN BRI number 3-6 PRI configuration 4-1 ISDN Device Control Protocol See ISDN-DCP ISDN-DCP, supported protocol 1-2 ISP, connections 3-9 N NCP 3-11 NetBIOS 4-15 network address DHCP 5-2 space limitations 4-15 Network Control Protocol See NCP NI1 switch 3-7 nonvolatile random access memory See NVRAM note, description x Novell IPX 4-15 NVRAM 2-1 L LAN Ethernet 10BaseT connection
PPP 3-11 configuration example routing IP and IPX on-demand 3-14 IP and IPX routing 3-14 IPCP negotiation 5-5 multilink encapsulation, interoperability 4-14 supported protocol 1-1 private IP addresses 5-3 profile-level parameters 2-1 profiles active 2-2, 2-6 changing a profile name 2-6 creating 2-5 definition 3-2 deleting 2-6 displaying configurations 2-5 inactive 2-2, 2-6 on-demand 2-2 parameters 2-2 permanent 2-4 Internal 2-4 LAN 2-4 Standard 2-4 redefined values indicator 2-5 removing parameters 2-5 syst
show dhcp configuration 5-7 show dhcp connections 5-15 show ip configuration command 5-6 show ip route command 5-6 show rcapi status command 6-5 Simple Network Management Protocol See SNMP commands SNMP, supported protocol 1-2 software image 1-3 software, Cisco IOS-700 1-2 SPIDs 3-6 autodetection 3-5 definintion 3-5 troubleshooting 3-6 supported protocols 1-1 ARP 1-1 BCP 1-1 CHAP 1-2 DHCP 1-2 ICMP 1-1 IPCP 1-1 IPXCP ISDN-DCP 1-2 MLPPP 1-1 PAP 1-1 PAT 1-2 PPP 1-1 RCAPI 1-2 RIP SAP 1-1 SNMP 1-2 TFTP 1-2 syste
