Cisco Router 850 Series Software Configuration Guide

 
12-3
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
OL-5332-01 
Chapter 12      Configuring Security Features
  Configuring a CBAC Firewall
Access Groups
A sequence of access list definitions bound together with a common name or number is called an access 
group. An access group is enabled for an interface during interface configuration with the following 
command:
ip access-group {access-list-number | access-list-name}{in | out} 
where in | out refers to the...

 
12-4
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
OL-5332-01 
Chapter 12      Configuring Security Features
  Configuring Cisco IOS Firewall IDS
Configuring Cisco IOS Firewall IDS
Cisco IOS Firewall Intrusion Detection System (IDS) technology enhances perimeter firewall protection 
by taking appropriate action on packets and flows that violate the security policy or represent malicious 
network activity.
Cisco IOS Firewall IDS identifies 59 of the most common...

CH A P T E R
 
13-1
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
OL-5332-01 
13
Configuring Dial Backup and Remote 
Management
The Cisco 800 series access routers support dial-in (for remote management) and dial-out (for dial 
backup) capabilities. By allowing you to configure a backup modem line connection, the Cisco
 800 
series access routers provide protection against WAN downtime. Dial backup is inactive by default, 
and
 must be configured to be active.
Dial...

 
13-2
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
OL-5332-01 
Chapter 13      Configuring Dial Backup and Remote Management
  Dial Backup Feature Activation Methods
Backup Interfaces
When the router receives an indica tion that the primary line is down, a backup interface is brought up. 
You can configure the backup interface to go down once the primary connection has been restored for a 
specified period.
This is accomplished using dial-on-demand routing (DDR)....

 
13-3
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
OL-5332-01 
Chapter 13      Configuring Dial Backup and Remote Management   Dial Backup Feature Activation Methods
NoteWhen static routes are configured, the primary interface protocol must go down in order to activate the 
floating static route.
Configuring Floating Static Routes
Static and dynamic routes are the two components of  floating static routes. Perform these steps to 
configure the static and dynamic...

 
13-4
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
OL-5332-01 
Chapter 13      Configuring Dial Backup and Remote Management
  Dial Backup Feature Activation Methods
NoteWhen dynamic routes are being used, the time it takes to activate a floating static route depends on the 
routing protocol convergence times.
Dialer Watch
The dialer watch method only supports the Extended Interior Gateway Routing Protocol (EIGRP) 
link-state dynamic routing protocols.
Configuring...

 
13-5
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
OL-5332-01 
Chapter 13      Configuring Dial Backup and Remote Management
  Dial Backup Feature Limitations
Dial Backup Feature Limitations
The following limitations exist for the dial backup feature:
 Bridging is not supported over console or auxiliary port backup interfaces.
 For the Cisco 851 router, only dial-in capability is supported. 
 Dial backup support on the Cisco 871 router is limited because the...

 
13-6
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
OL-5332-01 
Chapter 13      Configuring Dial Backup and Remote Management
  Dial Backup Feature Limitations
Configuration Example
The following three examples show sample configurations for the three dial backup methods.
Example 13-1 Configuring Dial Backup Using Backup Interfaces
!
vpdn enable!
vpdn-group 1
 accept-dialin protocol pppoe
!
! Specifies the ISDN switch typeisdn switch-type basic-net3
!
interface vlan 1...

 
13-7
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
OL-5332-01 
Chapter 13      Configuring Dial Backup and Remote Management
  Dial Backup Feature Limitations
!dsl operating-mode auto
!
! Dial backup interface, associated with physical BRI0 interface. ! Dialer pool 1 associates it with BRI0’s dialer pool member 1.
interface Dialer0
 ip address negotiated encapsulation ppp
 dialer pool 1
 dialer idle-timeout 30 dialer string 384040
 dialer-group 1
!! Primary interface...

 
13-8
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
OL-5332-01 
Chapter 13      Configuring Dial Backup and Remote Management
  Dial Backup Feature Limitations
!dsl operating-mode auto
!
! Dial backup interface, associated with physical BRI0 interface. ! Dialer pool 1 associates it with BRI0’s dialer pool member 1
interface Dialer0
 ip address negotiated encapsulation ppp
 dialer pool 1
 dialer idle-timeout 30 dialer string 384040
 dialer-group 1
!! Primary interface...