Home > Cisco Systems > Router > Cisco Systems Router 1800 Series User Manual

Cisco Systems Router 1800 Series User Manual

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Cisco Systems Router 1800 Series User Manual. The Cisco Systems manuals for Router are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 71

    Page 71 REVIEW DRAFT—CISCO CONFIDENTIAL 5-7 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-03 Chapter 5 Configuring a LAN with DHCP and VLANs Switch Port Configurations Switch Port Configurations The 8 high speed Ethernet ports on the Cisco 1800 (fixed) integrated router supports 8 VLANs per port. To configure and verify VLANs on the switch ports see the the “Configure VLANs” section on page 5-5 and the “Verify Your VLAN Configuration” section on page 5-5.... 
    REVIEW DRAFT—CISCO CONFIDENTIAL
5-7
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-03
Chapter 5      Configuring a LAN with DHCP and VLANs   Switch Port Configurations
Switch Port Configurations
The 8 high speed Ethernet ports on the Cisco 1800 (fixed) integrated router supports 8 VLANs per port. 
To configure and verify VLANs on the switch ports see the the 
“Configure VLANs” section on page 5-5 
and the “Verify Your VLAN Configuration” section on page 5-5....

    Page 72

    Page 72 REVIEW DRAFT—CISCO CONFIDENTIAL 5-8 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-03 Chapter 5 Configuring a LAN with DHCP and VLANs Switch Port Configurations Configuring VLANs (required) Configuring VLAN Trunking Protocol (optional) Configuring 802.1x Authentication (required) Configuring Spanning Tree on a VLAN (required) Configuring Layer 2 Interfaces (required) Configuring MAC Table Manipulation (required) Configuring the Switched... 
    REVIEW DRAFT—CISCO CONFIDENTIAL
5-8
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-03
Chapter 5      Configuring a LAN with DHCP and VLANs
  Switch Port Configurations
 Configuring VLANs (required)
 Configuring VLAN Trunking Protocol (optional)
 Configuring 802.1x Authentication (required)
 Configuring Spanning Tree on a VLAN (required)
 Configuring Layer 2 Interfaces (required)
 Configuring MAC Table Manipulation (required)
 Configuring the Switched...

    Page 73

    Page 73 REVIEW DRAFT—CISCO CONFIDENTIAL 5-9 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-03 Chapter 5 Configuring a LAN with DHCP and VLANs Switch Port Configurations Layer 2 Interfaces The integrated switch ports support Layer 2 switching across Ethernet ports based on Cisco IOS Catalyst Software. They support simultaneous, parallel connections between Layer 2 Ethernet segments. Switched connections between Ethernet segments last only for the duration of... 
    REVIEW DRAFT—CISCO CONFIDENTIAL
5-9
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-03
Chapter 5      Configuring a LAN with DHCP and VLANs
  Switch Port Configurations
Layer 2 Interfaces
The integrated switch ports support Layer 2 switching across Ethernet ports based on Cisco IOS Catalyst 
Software. They support simultaneous, parallel connections between Layer 2 Ethernet segments. 
Switched connections between Ethernet segments last only for the duration of...

    Page 74

    Page 74 REVIEW DRAFT—CISCO CONFIDENTIAL 5-10 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-03 Chapter 5 Configuring a LAN with DHCP and VLANs Switch Port Configurations NotePer-Port enabling and disabling of unknown multicast and unicast packets is not supported on the Cisco 1800 (Fixed) configuration router. Per-Port Storm Control You can use these per-port storm control techniques to block the forwarding of unnecessary, flooded traffic. Fallback Bridging... 
    REVIEW DRAFT—CISCO CONFIDENTIAL
5-10
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-03
Chapter 5      Configuring a LAN with DHCP and VLANs
  Switch Port Configurations
NotePer-Port enabling and disabling of unknown multicast and unicast packets is not supported on the Cisco 
1800 (Fixed) configuration router.
Per-Port Storm Control
You can use these per-port storm control techniques to block the forwarding of unnecessary, flooded 
traffic.
Fallback Bridging...

    Page 75

    Page 75 CH A P T E R 6-1 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02 6 Configuring a VPN Using Easy VPN and an IPSec Tunnel The Cisco 1800 series integrated services fixed-configuration routers support the creation of Virtual Private Networks (VPNs). Cisco routers and other broadband devices provide high-performance connections to the Internet, but many applications also require the security of VPN connections which perform a high level of authentication... 
    CH A P T E R
 
6-1
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-02
6
Configuring a VPN Using Easy VPN and an IPSec 
Tunnel
The Cisco 1800 series integrated services fixed-configuration routers support the creation of Virtual 
Private Networks (VPNs). 
Cisco routers and other broadband devices provide high-performance connections to the Internet, but 
many applications also require  the security of VPN connections which perform a high level of 
authentication...

    Page 76

    Page 76 1Remote, networked users 2VPN client—Cisco 1800 series integrated services router 3Router—Providing the corporate office network access 4VPN server—Easy VPN server; for example, a Cisco VPN 3000 concentrator with outside interface address 192.168.101.1 5Corporate office with a network address of 10.1.1.1 6IPSec tunnel 6-2 Cisco 1800 Series Integrated Services Rout ers (Fixed) Software Configuration Guide OL-6426-02 Chapter 6 Configuring a VPN Using Easy VPN and an IPSec Tunnel Cisco Easy VPN... 
    1Remote, networked users
2VPN client—Cisco 1800 series integrated services router
3Router—Providing the corporate office network access
4VPN server—Easy VPN server; for example, a Cisco VPN 3000 concentrator with outside 
interface address 192.168.101.1
5Corporate office with a network address of 10.1.1.1
6IPSec tunnel
 
6-2
Cisco 1800 Series Integrated Services Rout ers (Fixed) Software Configuration Guide
OL-6426-02
Chapter 6      Configuring a VPN Using Easy VPN and an IPSec Tunnel
  
Cisco Easy VPN...

    Page 77

    Page 77 6-3 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02 Chapter 6 Configuring a VPN Using Easy VPN and an IPSec Tunnel Configure the IKE Policy An example showing the results of these configuration tasks is shown in the section “Configuration Example.” NoteThe procedures in this chapter assume that you have already configured basic router features as well as PPPoE or PPPoA with NAT, DCHP and VLANs. If you have not performed these configurations tasks,... 
     
6-3
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-02
Chapter 6      Configuring a VPN Using Easy VPN and an IPSec Tunnel
  Configure the IKE Policy
An example showing the results of these configuration tasks is shown in the section “Configuration 
Example.”
NoteThe procedures in this chapter assume that you have already configured basic router features as well as 
PPPoE or PPPoA with NAT, DCHP and VLANs. If you have not performed these configurations tasks,...

    Page 78

    Page 78 6-4 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02 Chapter 6 Configuring a VPN Using Easy VPN and an IPSec Tunnel Configure Group Policy Information Configure Group Policy Information Perform these steps to configure the group policy, beginning in global configuration mode: Step 6lifetime seconds Example: Router(config-isakmp)# lifetime 480Router(config-isakmp)# Specifies the lifetime, 60–86400 seconds, for an IKE security association (SA). Step... 
     
6-4
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-02
Chapter 6      Configuring a VPN Using Easy VPN and an IPSec Tunnel
  Configure Group Policy Information
Configure Group Policy Information
Perform these steps to configure the group policy, beginning in global configuration mode:
Step 6lifetime seconds
Example:
Router(config-isakmp)# lifetime 480Router(config-isakmp)# 
Specifies the lifetime, 60–86400 seconds, for an 
IKE security association (SA).
Step...

    Page 79

    Page 79 6-5 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02 Chapter 6 Configuring a VPN Using Easy VPN and an IPSec Tunnel Apply Mode Configuration to the Crypto Map Apply Mode Configuration to the Crypto Map Perform these steps to apply mode configuration to the crypto map, beginning in global configuration mode: Command or ActionPurpose Step 1crypto map map-name isakmp authorization list list-name Example: Router(config)# crypto map dynmap isakmp... 
     
6-5
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-02
Chapter 6      Configuring a VPN Using Easy VPN and an IPSec Tunnel   Apply Mode Configuration to the Crypto Map
Apply Mode Configuration to the Crypto Map
Perform these steps to apply mode configuration to  the crypto map, beginning in global configuration 
mode:
Command or ActionPurpose
Step 1crypto map  map-name isakmp authorization list 
list-name
Example:
Router(config)#  crypto map dynmap isakmp...

    Page 80

    Page 80 6-6 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02 Chapter 6 Configuring a VPN Using Easy VPN and an IPSec Tunnel Enable Policy Lookup Enable Policy Lookup Perform these steps to enable policy lookup through AAA, beginning in global configuration mode: Command or ActionPurpose Step 1aaa new-model Example: Router(config)# aaa new-modelRouter(config)# Enables the AAA access control model. Step 2aaa authentication login {default | list-name }... 
     
6-6
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-02
Chapter 6      Configuring a VPN Using Easy VPN and an IPSec Tunnel
  Enable Policy Lookup
Enable Policy Lookup
Perform these steps to enable policy lookup through AAA, beginning in global configuration mode:
Command or ActionPurpose
Step 1aaa new-model
Example:
Router(config)#  aaa new-modelRouter(config)# 
Enables the AAA access control model.
Step 2aaa authentication login  {default  |  list-name }...
    Start reading Cisco Systems Router 1800 Series User Manual
    All Cisco Systems manuals