Cisco Router 800 Series Software Configuration Guide
Have a look at the manual Cisco Router 800 Series Software Configuration Guide online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 53 Cisco manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
4-23 Cisco 800 Series Software Configuration Guide 78-5372-06 Chapter 4 Network Scenarios Internet Access Scenarios Configuring NAT Follow the steps below to configure NAT, beginning in global configuration mode. Configuration Example In the following configuration example, you do not have to enter the commands marked “default.” These commands appear automatically in the configuration file that is generated when you use the show running-config command. interface Ethernet0 ip address 192.168.1.1 255.255.255.0 no ip directed-broadcast (default) ip nat inside ! interface ATM0 no ip address no ip directed-broadcast (default) ip nat outside no atm ilmi-keepalive (default) pvc 8/35 Command Task Step 1ip nat inside source list 1 interface dialer 0 overloadEnable dynamic translation of addresses permitted by the access list to one of addresses specified in the dialer interface. Step 2ip route 0.0.0.0.0.0.0.0 dialerSet the ip route to point to the dialer interface as a default gateway. Step 3access-list 1 permit 192.168.1 0 0.0.0.255Define a standard access list permitting addresses that need translation. Step 4interface ethernet 0Enter configuration mode for the Ethernet interface. Step 5ip nat insideEstablish the Ethernet interface as the inside interface. Step 6no shutdownEnable interface and configuration changes just made to the Ethernet interface. Step 7exitExit configuration mode for the Ethernet interface.
Chapter 4 Network Scenarios Configuring Dial Backup over the Console Port 4-24 Cisco 800 Series Software Configuration Guide 78-5372-06 encapsulation aal5mux ppp dialer dialer pool-member 1 ! bundle-enable ! interface Dialer0 ip address negotiated no ip directed-broadcast (default) ip nat outside encapsulation ppp dialer pool 1 ! ip nat inside source list 1 interface Dialer0 overload ip classless (default) ip route 0.0.0.0 0.0.0.0 Dialer 0 (default gateway) ! access-list 1 permit 192.168.1.0 0.0.0.255 ! end Configuring Dial Backup over the Console Port By allowing you to configure a backup modem line connection, dial backup provides protection against WAN downtime. Dial backup is inactive until it is configured. On Cisco 831, Cisco 837, Cisco SOHO 91, and Cisco SOHO 97 routers, both the console port and the auxiliary port in the Cisco IOS software configuration are on the same physical RJ-45 port. Therefore, both ports cannot be activated simultaneously, and the command-line interface (CLI) must be used to enable or disable either one. Configuring Dial Backup over the ISDN Interface Like the Cisco 831 and 837 routers and the Cisco SOHO 91 and 97 routers, the Cisco 836 router supports dial-in (for remote management) and dial-out (for dial backup) capabilities across the ISDN interface. The Cisco SOHO 96 router supports only the dial-in feature. Unlike the Cisco 831 and 837 routers and the Cisco SOHO 91 and 97 routers, the dial backup and remote management functions are configured on the Cisco 836 and Cisco SOHO 96 routers through the router’s ISDN S/T port.
4-25 Cisco 800 Series Software Configuration Guide 78-5372-06 Chapter 4 Network Scenarios Configuring Dial Backup over the ISDN Interface NoteThe remote management described next refers to backup remote management, which function allows external control of the router via the ISDN when the ATM link goes down. Dial Backup Feature Limitations and Configuration This section discusses the limitations and configuration of the dial backup feature on the Cisco 831, 836, and 837 routers and the Cisco SOHO 91, 96, and 97 routers. Cisco 836 and 837 Routers and Cisco SOHO 96 and 97 Routers The following can be used to bring up the dial backup feature in the Cisco IOS software for the Cisco 836 and 837 routers and the Cisco SOHO 96 and 97 routers: Backup Interfaces Floating Static Routes Dialer Watch For more information on the three features, see Chapter 1, “Concepts.” Backup Interfaces When the device receives an indication that the primary line is down, the backup interface is brought up. You can configure the backup interface to go down (after a specified time) when the primary connection is restored. The dial-on-demand routing (DDR) backup call is triggered by traffic of interest. Even if the backup interface comes out of standby mode, the router will not trigger the backup call unless it receives traffic of interest for that backup interface. Floating Static Routes Floating static routes depend on traffic of interest to trigger the DDR backup call. The router does not actually trigger the backup call unless it receives traffic of interest for that backup interface, even if the router installs the floating static route in the route table.
Chapter 4 Network Scenarios Configuring Dial Backup over the ISDN Interface 4-26 Cisco 800 Series Software Configuration Guide 78-5372-06 Floating static routes are independent of line protocol status. This is an important consideration on Frame Relay circuits wherein line protocol may not go down if the data-link connection identifier (DLCI) is inactive. Floating static routes are also encapsulation independent. NoteWhen static routes are configured, the primary interface protocol must go down in order to activate the floating static route. Dialer Watch Only the Extended Interior Gateway Routing Protocol (EIGRP) link-state dynamic routing protocols are supported. There is a bottleneck in supporting bridging over console backup interfaces because bridging is not supported over slower interfaces such as console ports or auxiliary ports. In the Cisco 836 and 837 routers, the dial backup feature is supported for the encapsulations identified in Ta b l e 4 - 1.
4-27 Cisco 800 Series Software Configuration Guide 78-5372-06 Chapter 4 Network Scenarios Configuring Dial Backup over the ISDN Interface Cisco 831 and Cisco SOHO 91 Routers Support for the dial backup feature on the Cisco 831 router is limited because the Ethernet WAN interface is always up, even when ISP connectivity is down across the modem connected to the Cisco 831 router. Support for dial backup is possible only for the PPPoE environment. The only way to bring up the backup interface is to simultaneously use the dialer watch feature. You also need to add the IP addresses of the peer in the dialer watch command and in the static route command to enable the dial backup when primary line goes down. Table 4-1 Encapsulation Types Supported by Dial Backup Feature—Cisco 836 and 837 Routers Encapsulation Ty p e ( W A N )Dial Backup PossibleType of Dial Backup Method Limitations PPP over ATM PPP over EthernetYe s Backup interface method Floating static routes Dialer watchFloating static route and dialer watch need a routing protocol to run in the router. The dialer watch method brings up the backup interface as soon as the primary link goes down. The backup interface is brought down as soon as the dialer timeout is reached and the primary interface is up. Router checks the primary interface only when the dialer timeout expires. The backup interface remains up until the dialer timeout is reached, even though the primary interface is up. For the dialer watch method, a routing protocol does not need to be running in the router, if the IP address of the peer is known. RFC 1483 (AAL5, SNAP, and MUX)Ye s Backup interface method Floating static routes Dialer watchIf bridging is done through the WAN interface, it is not supported across the auxiliary port.
Chapter 4 Network Scenarios Configuring Dial Backup over the ISDN Interface 4-28 Cisco 800 Series Software Configuration Guide 78-5372-06 For the Cisco SOHO 91 router, only dial-in capability is supported. Ta b l e 4 - 2 shows the encapsulation types supported by the Cisco 831 router dial backup. Configuring Dial Backup and Remote Management for the Cisco 837 and Cisco SOHO 97 Routers Figure 4-8 and Ta b l e 4 - 4 show how dial backup and remote management work in a network system when the primary line goes down. Table 4-2 Encapsulation Types Supported by Dial Backup—Cisco 831 Router Encapsulation TypeDial Backup PossibleType of Dial Backup Method Limitations PPPoE Yes Dialer watch Bridging is not supported across a slow interface, for example, an auxiliary port. The peer IP address of the ISP provider is needed to configure the dialer watch command and the IP static route. Normal IP in cable modem scenarioNo Dialer watch The IP addresses of the peers are needed for dialer watch to work properly. If a lease time obtained by DHCP is not set short enough (one or two minutes), dial backup will not be supported.
4-29 Cisco 800 Series Software Configuration Guide 78-5372-06 Chapter 4 Network Scenarios Configuring Dial Backup over the ISDN Interface Figure 4-8 Cisco 837 Router Dial Backup and Remote Management Configuring Dial Backup and Remote Management for the Cisco 836 and Cisco SOHO 96 Routers Figure 4-9, Figure 4-10, and Ta b l e 4 - 1 1 and Ta b l e 4 - 1 2 show how dial backup and remote management work in a network system when the primary line goes down. Two scenarios are typical applications of the Cisco 836 and the Cisco SOHO 96 routers. In Figure 4-9, the dial backup link goes through CPE splitter, DSLAM, and CO splitter before connecting to the ISDN switch. In Figure 4-10, the dial backup link goes directly from the Cisco 836 router to the ISDN switch. Callout Number Description 1Main WAN link; primary connection to Internet service provider 2Dial backup; serves as a failover link when primary line goes down 3Remote management; serves as dial-in access to allow changes or updates to Cisco IOS configurations 82269 1 3 2 23 AT M 837 Modem Modem Modem PC3620 PSTN
Chapter 4 Network Scenarios Configuring Dial Backup over the ISDN Interface 4-30 Cisco 800 Series Software Configuration Guide 78-5372-06 Figure 4-9 Cisco 836 Router Dial Backup and Remote Management—Dial Backup Through CPE Splitter, DSLAM, and CO Splitter Callout Number Description 1Primary ADSL interface 2Dial backup and remote management via ISDN interface; serves as a failover link when primary line goes down 3Administrator remote management via ISDN interface when the primary ADSL link is down; serves as dial-in access to allow changes or updates to Cisco IOS configuration 82892 Cisco 836CPE splitterAT M networkATM Aggregator Internet Web server Administrator ISDN switch ISDNISDN Peer Router CO splitter DSLAM 2 3 1
4-31 Cisco 800 Series Software Configuration Guide 78-5372-06 Chapter 4 Network Scenarios Configuring Dial Backup over the ISDN Interface Figure 4-10 Cisco 836 Router Dial Backup and Remote Management—Dial Backup Directly from Router to ISDN Switch PPP over ATM with Centrally Managed Addressing and with Dial Backup When customer premises equipment such as a Cisco 837 router is connected to an ISP, an IP address is dynamically assigned to the router, or the IP address may be assigned by its peer through the centrally managed function. The dial backup feature can be added to provide a failover route in case the primary line fails. Callout Number Description 1Primary ADSL interface 2Dial backup and remote management via ISDN interface; serves as a failover link when primary line goes down 3Administrator remote management via ISDN interface when the primary ADSL link is down; serves as dial-in access to allow changes or updates to Cisco IOS configuration 88208 PC836CPE splitterAT M networkAggregator Internet Web server Administrator ISDN switch DSLAM 2 3 1
Chapter 4 Network Scenarios Configuring Dial Backup over the ISDN Interface 4-32 Cisco 800 Series Software Configuration Guide 78-5372-06 Configuring Dial Backup and Remote Management for the Cisco 837 Router Follow the steps below to configure dial backup and remote management for the Cisco 837 router. Command Task Step 1ip name-server 206.13.28.12Enter your ISP DNS IP address. Step 2ip dhcp pool 1Configure CPE as a local DHCP server. Step 3vpdn enableEnable VPDN. Step 4vpdn-group 1Specify VPDN group for protocol PPPoE. Step 5chat-script Dialout ABORT ERROR ABORT BUSY ““ “AT” OK “ATDT 5555102 T” TIMEOUT 45 CONNECT \c Configure a chat script for a modem. Step 6interface Async1Enter configuration mode for the async interface. Step 7interface Dialer3Enter configuration mode for the dialer interface. Step 8dialer watch-group 1Specify the group number for watch-list. Step 9ip nat inside source list 101 interface Dialer3 overloadEstablish the Ethernet interface as the inside interface. Step 10ip route 0.0.0.0 0.0.0.0 ! (dial backup peer address @ISP)Set the IP route to point to the dialer interface as a default gateway. Step 11access-list 101 permit ip 192.168.0.0 0.0.255.255 anyDefine an extended access list permitting addresses that need translation. Step 12dialer watch-list 1 ip ! (ATM peer address @ISP) 255.255.255.255Evaluate the status of the primary link, based on the existence of routes to the peer. Step 13line con 0Enter configuration mode for the console interface. Step 14modem enableChange the console port to auxiliary port function. Step 15line aux 0Enter configuration mode for the auxiliary interface. Step 16flow control hardwareEnable hardware signal flow control