Cisco Router 826 Routers Software Configuration Guide
Have a look at the manual Cisco Router 826 Routers Software Configuration Guide online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 53 Cisco manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
3-43 Cisco 826, 827, 828, 831, 836, and 837 and Cisco SOHO 76, 77, 78, 91, 96, and 97 Routers Software Configuration Guide 78-14565-03 Chapter 3 Basic Router Configuration Configuring IP Security and GRE Tunneling Configuring a GRE Tunnel Interface Follow the steps below to configure the generic routing encapsulation (GRE) tunnel interface, starting in global configuration mode. Configuring the Ethernet Interfaces Perform the following tasks to configure the Ethernet 0 and Ethernet 1 interfaces, starting in global configuration mode. Step 8crypto map name seq-num ipsec-isakmpEnters crypto map configuration mode, and creates a crypto map entry in IPSec ISAKMP mode. Step 9set peer ip-addressIdentifies the remote IPSec peer. Step 10set transform-set nameSpecifies the transform set to be used. Step 11match address access-list-idSpecifies an extended access list for the crypto map entry. Step 12exitExits crypto map configuration mode. Command Purpose Command Purpose Step 1interface tunnel 0Configures the tunnel 0 interface. Step 2ip address ip-address subnet-maskSets the IP address and subnet mask for the tunnel 0 interface. Step 3tunnel source ethernet 1Specifies the Ethernet 1 interface as the tunnel source. Step 4tunnel destination default-gateway-ip-addressSpecifies the default gateway as the tunnel destination. Step 5crypto map nameAssociates a configured crypto map to the tunnel 0 interface. Step 6exitExits the tunnel 0 interface configuration. Command Purpose Step 1interface ethernet 0Configures the Ethernet 0 interface. Step 2ip address ip-address subnet-maskSets the IP address and subnet mask for the Ethernet 0 interface. Step 3exitExits the Ethernet 0 interface configuration. Step 4interface ethernet 1Configures the Ethernet 1 interface. Step 5ip address ip-address subnet-maskSets the IP address and subnet mask for the Ethernet 1 interface.
3-44 Cisco 826, 827, 828, 831, 836, and 837 and Cisco SOHO 76, 77, 78, 91, 96, and 97 Routers Software Configuration Guide 78-14565-03 Chapter 3 Basic Router Configuration Configuring IP Security and GRE Tunneling Configuring Static Routes Follow the steps below to configure static routes, starting in global configuration mode. Configuring and Monitoring High-Speed Crypto Use the following command to enable high-speed crypto, starting with global configuration mode. crypto engine accelerator To disable high-speed crypto, use the following command: no crypto engine accelerator To monitor high-speed crypto, use the following command: show crypto engine accelerator statistic For more information on configuring IPSec, see the Cisco IOS Security Configuration Guide. Configuration Example This configuration example for the Cisco 831 router shows IPSec being used over a GRE tunnel. The example also applies to a SOHO 91 router. You do not need to enter the commands marked “default.” These commands appear automatically in the configuration file that is generated when you use the show running-config command. ! version 12.2 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname 831-uut1 ! memory-size iomem 10 ! Step 6crypto map nameAssociates a crypto map with the Ethernet 1 interface. Step 7endExits router configuration mode. Command Purpose Command Purpose Step 1ip route default-gateway-ip-address mask ethernet 1Creates a static route for the Ethernet 1 interface. Step 2ip route default-gateway-ip-address mask tunnel 0Creates a static route for the tunnel 0 interface. Step 3ip route default-gateway-ip-address mask gateway-of-last-resortCreates a static route to the gateway of last resort. Step 4endExits router configuration mode.
3-45 Cisco 826, 827, 828, 831, 836, and 837 and Cisco SOHO 76, 77, 78, 91, 96, and 97 Routers Software Configuration Guide 78-14565-03 Chapter 3 Basic Router Configuration Configuring IP Security and GRE Tunneling ip subnet-zero ! ip audit notify log ip audit po max-events 100 ! crypto isakmp policy 1 encr 3des authentication pre-share crypto isakmp key grel address 100.1.1.1 ! crypto ipsec security-association lifetime seconds 86400 ! crypto ipsec transform-set strong esp-3des esp-sha-hmac ! crypto map mymap local-address Ethernet1 crypto may mymap 1 ipsec-isakmp set peer 100.1.1.1 set transform-set strong match address 151 ! ! ! ! interface Tunnel0 ip address 1.1.1.1 255.255.255.0 tunnel source Ethernet1 tunnel destination 100.1.1.1 crypto map mymap ! interface Ethernet0 ip address 202.2.2.2 255.255.255.0 hold-queue 100 out ! interface Ethernet1 ip address 100.1.1.1 255.255.255.0 crypto map mymap ! ip classless ip route 200.1.1.0 255.255.255.0 Tunnel0 ip http server ! ! access-list 151 permit gre host 100.1.1.2 host 100.1.1.1 ! line con 0 no modem enable stopbits 1 line aux 0 line vty 0 4 ! scheduler max-task-time 5000 The following example shows IPSec configuration on a Cisco 837 router. version 12.2 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname 837-uutl ! memory-size iomem 10
3-46 Cisco 826, 827, 828, 831, 836, and 837 and Cisco SOHO 76, 77, 78, 91, 96, and 97 Routers Software Configuration Guide 78-14565-03 Chapter 3 Basic Router Configuration Configuring Multilink PPP Fragmentation and Interleaving ! mmi polling-interval 60 no mmi auto-configure no mmi pvc mmi snmp-timeout 180 ip subnet-zero ! ip audit notify log ip audit po max-events 100 ip ssh time-out 120 ip ssh authentication-retries 3 ! crypto isakmp policy 1 encr 3des authentication pre-share crypto isakmp key grel address 100.1.1.1 ! crypto ipsec transform-set strong esp-3des esp-sha-hmac ! crypto map mymap local-address ATM0 crypto map mymap 1 ipsec-isakmp set peer 100.1.1.1 set transform-set strong match address 151 ! interface Tunnel0 ip address 1.1.1.1 255.255.255.0 ip mtu 1440 tunnel source ATM0 tunnel destination 100.1.1.1 crypto map mymap ! interface Ethernet0 ip address 202.2.2.2 255.255.255.0 hold-queue 100 out ! interface ATM0 ip address 100.1.1.2 255.255.255.0 no atm ilmi-keepalive pvc 1/40 protocol ip 100.1.1.1 broadcast encapsulation aa15snap ! dsl operating-mode auto crypto map mymap ! ip classless ip route 200.1.1.0 255.255.255.0 Tunnel0 ip http server ip pim bidir-enable Configuring Multilink PPP Fragmentation and Interleaving You should configure multilink PPP fragmentation if you have point-to-point connection using PPP encapsulation or if you have links slower than your network. PPP support for interleaving can be configured on a dialer interface. Follow the steps below to configure multilink PPP and interleaving on a dialer interface, beginning in global configuration mode.
3-47 Cisco 826, 827, 828, 831, 836, and 837 and Cisco SOHO 76, 77, 78, 91, 96, and 97 Routers Software Configuration Guide 78-14565-03 Chapter 3 Basic Router Configuration Configuring Multilink PPP Fragmentation and Interleaving For complete information on the PPP fragmentation and interleaving commands, see the Dial Solutions Configuration Guide for Cisco IOS Release 12.0T. For general information on PPP fragmentation and interleaving concepts, see Chapter 1, “Concepts.” Configuration Example The following configuration defines a dialer interface that enables multilink PPP with interleaving and a maximum real-time traffic delay of 20 ms. The encapsulation type is defined as aal5mux. You do not need to enter the commands marked “default.” These commands appear automatically in the configuration file generated when you use the show running-config command. ! interface dialer 1 ppp multilink encapsulated ppp ppp multilink interleave bandwidth 640 ppp multilink fragment-delay 20 ip rtp reserve 16384 100 64 ! interface ATM0 pvc 8/35 encapsulation aal5mux ppp dialer dialer pool-member 1 Command Purpose Step 1interface dialerEnters configuration mode for the dialer interface. Step 2ppp multilinkEnables multilink PPP for the dialer interface. Step 3bandwidth nSpecifies the bandwidth number associated with the PVC that is using the dialer interface, where n is the value of the sustained cell rate (SCR) parameter of the PVC using that dialer interface. This is important because otherwise the dialer interface will assume a value of 100 kbps if a specific class of service is configured. Step 4ppp multilink interleaveEnables interleaving for RTP packets among the fragments of larger packets on a multilink PPP bundle. Step 5ppp multilink fragment-delay millisecondsConfigures a maximum fragment delay of 20 ms. This command is optional. Step 6ip rtp reserve lowest-UDP-port range-of-ports [maximum-bandwidth]Reserves a special queue for real-time packet flows to specified destination UDP ports, allowing real-time traffic to have higher priority than other flows. Step 7exitExits configuration mode for the dialer interface.
3-48 Cisco 826, 827, 828, 831, 836, and 837 and Cisco SOHO 76, 77, 78, 91, 96, and 97 Routers Software Configuration Guide 78-14565-03 Chapter 3 Basic Router Configuration Configuring IP Precedence Verifying Your Configuration To verify that you have properly configured PPP fragmentation and interleaving, enter the debug ppp multilink fragment command, and then send out one 1500-byte ping packet. The debug message will display information about the fragments being transmitted. Configuring IP Precedence IP Precedence gives voice packets higher priority than other IP data traffic. Complete the following steps to configure real-time voice traffic precedence over other IP network traffic, beginning in global configuration mode. NoteIn IP Precedence, the numbers 1 through 5 identify classes for IP flows; the numbers 6 through 7 are used for network and backbone routing and updates. For complete information on the IP Precedence commands, see the Cisco IOS Release 12.2 documentation set. For general information on IP Precedence, see Chapter 1, “Concepts.” Configuration Example This configuration example shows a voice configuration with IP Precedence set. The IP destination target is set to 8 dialing digits, which automatically sets the IP precedence to 5 on the Cisco routers. The dial peer session target is RAS, which is a protocol that runs between the H.323 voice protocol gateway and gatekeeper. You do not need to enter the commands marked “default.” These commands appear automatically in the configuration file that is generated when you use the show running-config command. ! access-list 101 permit route-map data permit 10 set ip precedence routing Command Purpose Step 1configure terminalEnters configuration mode. Step 2dial-peer voice number voipEnters the dial peer configuration mode to configure a VoIP dial peer. Step 3destination-pattern numberSets a destination pattern. Step 4ip precedence numberSelects a precedence level for the voice traffic associated with that dial peer.
3-49 Cisco 826, 827, 828, 831, 836, and 837 and Cisco SOHO 76, 77, 78, 91, 96, and 97 Routers Software Configuration Guide 78-14565-03 Chapter 3 Basic Router Configuration Configuring Voice Configuring Voice The Cisco 827 routers support voice using the H.323 signaling protocol. H.323 SGCP The default signaling protocol is H.323 signaling standard. Prerequisite Tasks Before you can configure your router to use voice, you need to perform the following tasks: Establish a working IP network. Complete your company dial plan. Establish a working telephony network based on your company dial plan. Integrate your dial plan and telephony network into your existing IP network topology. Configuring Voice for H.323 Signaling This section describes the tasks you need to perform to configure the router for H.323 signaling on the voice ports. Configuring the POTS Dial Peers To configure the POTS dial peers, use the following table, beginning in global configuration mode. Configuring Voice Dial Peers for H.323 Signaling Follow the steps below to configure voice dial peers for H.323 signaling, beginning in global configuration mode.Command Purpose Step 1dial-peer voice number POTSEnters configuration mode for the dial peer. Step 2destination-pattern stringDefines the destination telephone number associated with the VoIP dial peer. Step 3port numberSpecifies the port number. Command Purpose Step 1dial-peer voice number Vo I PEnters configuration mode for the dial peer. Step 2destination-pattern stringDefines the destination telephone number associated with each VoIP dial peer.
3-50
Cisco 826, 827, 828, 831, 836, and 837 and Cisco SOHO 76, 77, 78, 91, 96, and 97 Routers Software Configuration Guide
78-14565-03
Chapter 3 Basic Router Configuration
Configuring Voice
Configuring Voice Ports for H.323 Signaling
Voice port configuration should be automatic in the United States, however, if you are overseas, you may
need to do the following voice port configuration, beginning in global configuration mode.
For complete information on the dial peer commands, see the Cisco IOS Release 12.2
documentation
set. For more general information on dial peer concepts, see Chapter 1, “Concepts.”
Configuring Number Expansion
This section describes how to expand an extension number into a particular destination pattern. Use the
following global configuration command to expand the extension number:
Router(config)# num-exp extension-number extension-string
To verify that you have mapped the telephone numbers correctly, enter the show num-exp command.
Step 3codec string Specifies a codec if you are not using the default
codec of g.729.
Step 4session target {ipv4:destination-address} Specifies a destination IP address for each dial
peer. Command Purpose
Command Purpose
Step 1configure dial-peerEnters configuration mode for the dial peer.
Step 2voice-port portIdentifies the voice port you want to configure and
enters the voice port configuration mode.
Step 3cptone countrySelects the appropriate voice call progress tone
for this interface. The default country for this
command is us.
Step 4ring frequency (25 \ 50)Selects the ring frequency (in Hz) specific to the
equipment attached to this voice port and
appropriate to the country you are in.
Step 5description stringAttaches descriptive text about this voice port
connection.
Step 6comfort-noiseIf voice activity detection (VAD) is activated, this
command specifies that background noise is
generated.
Step 7impedanceSpecifies impedance, which is related to the
electrical characteristics of the device that is
plugged into a POTS port. Impedance is measured
in ohms.
3-51 Cisco 826, 827, 828, 831, 836, and 837 and Cisco SOHO 76, 77, 78, 91, 96, and 97 Routers Software Configuration Guide 78-14565-03 Chapter 3 Basic Router Configuration Configuring Voice After you have configured dial peers and assigned destination patterns to them, enter the show dialplan number command to see how a telephone number maps to a dial peer. For complete information on the number expansion commands, see the Cisco IOS documentation set. Configuration Example This configuration shows voice traffic configured. You do not need to enter the commands marked “default.” These commands appear automatically in the configuration file generated when you use the show running-config command. ! class-map voice match access-group 101 ! policy-map mypolicy class voice priority 128 class class-default fair-queue 16 ! ip subnet-zero ! gateway ! interface Ethernet0 ip address 20.20.20.20 255.255.255.0 no ip directed-broadcast (default) ip route-cache policy ip policy route-map data ! interface ATM0 ip address 10.10.10.20 255.255.255.0 no ip directed-broadcast (default) no atm ilmi-keepalive (default) pvc 1/40 service-policy output mypolicy protocol ip 10.10.10.36 broadcast vbr-nrt 640 600 4 ! 640 is the maximum upstream rate of ADSL encapsulation aal5snap ! bundle-enable h323-gateway voip interface h323-gateway voip id gk-twister ipaddr 172.17.1.1 1719 h323-gateway voip h323-id gw-820 h323-gateway voip tech-prefix 1# ! router eigrp 100 network 10.0.0.0 network 20.0.0.0 ! ip classless (default) no ip http server ! access-list 101 permit ip any any precedence critical route-map data permit 10 set ip precedence routine ! ! line con 0
3-52 Cisco 826, 827, 828, 831, 836, and 837 and Cisco SOHO 76, 77, 78, 91, 96, and 97 Routers Software Configuration Guide 78-14565-03 Chapter 3 Basic Router Configuration Cisco 827 Routers Configuration Examples exec-timeout 0 0 transport input none stopbits 1 line vty 0 4 login ! ! voice-port 1 local-alerting timeouts call-disconnect 0 ! voice-port 2 local-alerting timeouts call-disconnect 0 ! voice-port 3 local-alerting timeouts call-disconnect 0 ! voice-port 4 local-alerting timeouts call-disconnect 0 ! dial-peer voice 10 voip destination-pattern ........ ip precedence 5 session target ras ! dial-peer voice 1 pots destination-pattern 5258111 port 1 ! dial-peer voice 2 pots destination-pattern 5258222 port 2 ! dial-peer voice 3 pots destination-pattern 5258333 port 3 ! dial-peer voice 4 pots destination-pattern 5258444 port 4 ! end Cisco 827 Routers Configuration Examples The following examples are for the following configurations: Cisco 827-4V Router Configuration Cisco 827 Router Configuration Corporate or Endpoint Router Configuration for Data Network Corporate or Endpoint Router Configuration for Data and Voice Network These configurations are intended to be examples only. Your router configuration may look different depending on your network.