Configurazione Router Cisco per HDSL e Backup isdn
- Impostare un programma di comunicazione seriale a 9600 N 8 1
- Collegare il router con il cavo Cisco alla seriale ed aprire il collegamento
- Inserire la password
- Entrare in modo configurazione, utilizando l'apposita password con il comando
enable
- Cancellare la configurazione esistente:
lmrouter01#erase startup-config Erasing the nvram filesystem will remove all files! Continue? [confirm] *Mar 1 01:53:27.167: %SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram
- Riavviare il router:
lmrouter01#reload Proceed with reload? [confirm] *Mar 1 01:54:37.115: %SYS-5-RELOAD: Reload requested by console.
- Il router si riavvia:
System Bootstrap, Version 12.2(1r)XE1, RELEASE SOFTWARE (fc1)
TAC Support: http://www.cisco.com/cgi-bin/ibld/view.pl?i=support
Copyright (c) 2001 by cisco Systems, Inc.
C1700 platform with 131072 Kbytes of main memory
program load complete, entry point: 0x80008000, size: 0x918b7c
Self decompressing the image : ################################################]
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Cisco Internetwork Operating System Software
IOS (tm) C1700 Software (C1700-SV8Y-M), Version 12.2(11)T7, RELEASE SOFTWARE ()
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2003 by cisco Systems, Inc.
Compiled Fri 28-Feb-03 12:27 by dchih
Image text-base: 0x80008124, data-base: 0x81136984
cisco 1751 (MPC860P) processor (revision 0x300) with 117965K/13107K bytes of me.
Processor board ID FOC073123ZL (1457091729), with hardware revision 0000
MPC860P processor: part number 5, mask 2
Bridging software.
X.25 software, Version 3.0.0.
Basic Rate ISDN software, Version 1.1.
1 FastEthernet/IEEE 802.3 interface(s)
2 Serial(sync/async) network interface(s)
1 ISDN Basic Rate interface(s)
32K bytes of non-volatile configuration memory.
32768K bytes of processor board System flash (Read/Write)
- Al termone inizia il menù diconfigurazione:
--- System Configuration Dialog ---
Would you like to enter the initial configuration dialog? [yes/no]:yes
- Si configura ora il management del router:
At any point you may enter a question mark '?' for help. Use ctrl-c to abort configuration dialog at any prompt. Default settings are in square brackets '[]'. Basic management setup configures only enough connectivity for management of the system, extended setup will ask you to configure each interface on the system Would you like to enter basic management setup? [yes/no]: yes
- Impostare il nome del router:
Configuring global parameters: Enter host name [Router]: lmrouter01
Impostare il secret per l'enable:
The enable secret is a password used to protect access to privileged EXEC and configuration modes. This password, after entered, becomes encrypted in the configuration. Enter enable secret: ciscosecret
Impostare la password di enable:
The enable password is used when you do not specify an enable secret password, with some older software versions, and some boot images. Enter enable password: ciscoenable
Impostare la password per il collegamento in terminale:
The virtual terminal password is used to protect access to the router over a network interface. Enter virtual terminal password: ciscoterminal
Non impostare la configurazione snmp:
Configure SNMP Network Management? [yes]: no
Ora viene mostrata la schermata di summary per la configurazione delle interfacce installate:
Interface IP-Address OK? Method Status Prol FastEthernet0/0 unassigned NO unset up up Serial0/0 unassigned NO unset up dow Serial0/1 unassigned NO unset down dow BRI1/0 unassigned NO unset up dow BRI1/0:1 unassigned YES unset down dow BRI1/0:2 unassigned YES unset down dow
Configuriamo ora l'interfaccia di managemente:
Enter interface name used to connect to the
management network from the above interface summary: FastEthernet0/0
Configuring interface FastEthernet0/0:
Use the 100 Base-TX (RJ-45) connector? [yes]:
Operate in full-duplex mode? [no]: y
Configure IP on this interface? [yes]: y
IP address for this interface: 192.168.1.17
Subnet mask for this interface [255.255.255.0] :
Class C network is 192.168.1.0, 24 subnet bits; mask is /24
Vengono ora mostrati i comandi di configurazione generati:
The following configuration command script was created: hostname lmrouter01 enable secret 5 $1$knzX$5LdGH1VJfPst5XZhlJXho. enable password ciscoenable line vty 0 4 password ciscoterminal no snmp-server ! no ip routing ! interface FastEthernet0/0 no shutdown media-type 100BaseX full-duplex ip address 192.168.1.17 255.255.255.0 ! interface Serial0/0 shutdown no ip address ! interface Serial0/1 shutdown no ip address ! end
Salvare la configurazione:
[0] Go to the IOS command prompt without saving this config. [1] Return back to the setup without saving this config. [2] Save this configuration to nvram and exit. Enter your selection [2]:
Verrà compilata òa configurazione, dopodichè, premendo invio, si arriverà al prompt del router:
Building configuration... Use the enabled mode 'configure' command to modify this configuration. Press RETURN to get started! *Mar 1 00:00:04.575: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state p *Mar 1 00:00:05.583: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEtherp *Mar 1 00:00:10.487: %LINK-3-UPDOWN: Interface Serial0/0, changed state to up *Mar 1 00:00:10.491: %LINK-3-UPDOWN: Interface Serial0/1, changed state to down *Mar 1 00:00:11.487: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0p *Mar 1 00:00:11.491: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1n *Mar 1 00:00:11.491: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEtherp *Mar 1 00:01:06.327: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0n *Mar 1 00:01:08.331: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0p *Mar 1 00:01:28.783: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0n *Mar 1 00:07:19.159: %LINK-3-UPDOWN: Interface Serial0/0, changed state to down *Mar 1 00:07:30.239: %LINK-5-CHANGED: Interface Serial0/0, changed state to adn *Mar 1 00:07:30.303: %LINK-5-CHANGED: Interface Serial0/1, changed state to adn *Mar 1 00:07:40.795: %LINK-5-CHANGED: Interface BRI1/0, changed state to adminn *Mar 1 00:07:41.795: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI1/0, cn *Mar 1 00:07:51.731: %SYS-5-RESTART: System restarted -- Cisco Internetwork Operating System Software IOS (tm) C1700 Software (C1700-SV8Y-M), Version 12.2(11)T7, RELEASE SOFTWARE () TAC Support: http://www.cisco.com/tac Copyright (c) 1986-2003 by cisco Systems, Inc. Compiled Fri 28-Feb-03 12:27 by dchih *Mar 1 00:07:51.755: %SNMP-5-COLDSTART: SNMP agent on host lmrouter01 is undert *Mar 1 00:07:55.763: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthern *Mar 1 00:08:03.479: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEtherp lmrouter01>
Entrare in modalità enable, con la password di enable secret:
lmrouter01>enable Password: ciscosecret lmrouter01#
Cambia il prompt.
Visualizzare la configurazione corrente tramite il comando show running-config.
E' possibile terminare i comandi con il TAB o usare anche le abbreviazioni. Qualora si desiderasse aiuto, digitare comando ?
lmrouter01#sh run Building configuration... Current configuration : 863 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname lmrouter01 ! enable secret 5 $1$knzX$5LdGH1VJfPst5XZhlJXho. enable password ciscoenable ! ip subnet-zero no ip routing ! ! ! ! ! voice call carrier capacity active ! ! ! ! ! ! ! ! ! mta receive maximum-recipients 0 ! ! ! interface FastEthernet0/0 ip address 192.168.1.17 255.255.255.0 no ip route-cache speed auto full-duplex ! interface Serial0/0 no ip address no ip route-cache shutdown ! interface Serial0/1 no ip address no ip route-cache shutdown ! interface BRI1/0 no ip address no ip route-cache shutdown ! ip classless no ip http server ! ! ! call rsvp-sync ! ! mgcp profile default ! dial-peer cor custom ! ! ! ! line con 0 line aux 0 line vty 0 4 password ciscoterminal login ! no scheduler allocate end
Abilitiamo ora la richiesta di password per il collegamento da console o telnet:
Entriamo in modalità configurazione:
lmrouter01#conf t Enter configuration commands, one per line. End with CNTL/Z.
Selezioniamo la console 0:
lmrouter01(config)#line console 0 lmrouter01(config-line)#
Impostiamo la password per la console:
lmrouter01(config-line)#password ciscoconsole lmrouter01(config-line)#login
Terminiamo con CTRL-Z:
lmrouter01(config-line)#^Z lmrouter01# *Mar 1 00:19:05.255: %SYS-5-CONFIG_I: Configured from console by console lmrouter01#
Usciamo con exit, e al ricollegamento chiederà la password:
User Access Verification Password: ciscoconsole
Configurazione interfaccia Seriale
Entriamo nel menù di configurazione fino al prompt dell'interfaccia (aiutiamoci con il TAB):
lmrouter01>enable Password:ciscosecret lmrouter01#configure terminal Enter configuration commands, one per line. End with CNTL/Z. lmrouter01(config)#interface Serial 0/0 lmrouter01(config-if)#
Incolliamo i comandi di configurazione:
Seleziona l'interfaccia
interface Serial0/0
Senza ip:
no ip address
Dichiara il tipo di linea:
encapsulation frame-relay IETF
E' così:
no fair-queue
Tipo linea ANSI (non cisco)
frame-relay lmi-type ansi
Linea di commento
!
Ora si configura l'interfaccia vera e propria:
interface Serial0/0.1 point-to-point
Descrizione:
description connected to Internet
Indirizzi ip associati (sarà l'ip pubblico associato alla seriale, raggiungibile anche in caso di zottamento della ethernet):
ip address 83.211.14.110 255.255.255.252
Si associano quattro indirizzi IP:
- Network: 83.211.14.108 - Ip altro router in centrale: 83.211.14.109 - Ip Seriale: 83.211.14.110 - Broadcast: 83.211.14.111
Eventuale Access list
ip access-group 101 in
Eventuale nat
ip nat outside
Tipo linea:
frame-relay interface-dlci 20 IETF
Commento: !
Ecco i comandi:
interface Serial0/0 no ip address encapsulation frame-relay IETF no fair-queue frame-relay lmi-type ansi ! interface Serial0/0.1 point-to-point description connected to Internet ip address 83.211.14.110 255.255.255.252 frame-relay interface-dlci 20 IETF ! interface Serial0/1 no ip address shutdown !
Eccoli incollati:
lmrouter01(config-if)#interface Serial0/0 lmrouter01(config-if)# no ip address lmrouter01(config-if)# encapsulation frame-relay IETF lmrouter01(config-if)# no fair-queue lmrouter01(config-if)# frame-relay lmi-type ansi lmrouter01(config-if)#! lmrouter01(config-if)#interface Serial0/0.1 point-to-point lmrouter01(config-subif)# description connected to Internet lmrouter01(config-subif)# ip address 83.211.14.110 255.255.255.252 lmrouter01(config-subif)# frame-relay interface-dlci 20 IETF lmrouter01(config-fr-dlci)#! lmrouter01(config-fr-dlci)#interface Serial0/1 lmrouter01(config-if)# no ip address lmrouter01(config-if)# shutdown
Attivare la sotto-interfaccia:
lmrouter01(config-if)#no shutdown lmrouter01(config-if)# *Mar 1 01:00:49.023: %LINK-3-UPDOWN: Interface Serial0/1, changed state to down
Se si sono messi i co0mandi di ip e access-group, disabilitarli precedendoli con no<spazio>
Salvare la configurazione con CTRL-Z e veificarla:
lmrouter01(config-if)#^Z *Mar 1 01:02:55.855: %SYS-5-CONFIG_I: Configured from console by console lmrouter01#show running-config Building configuration... Current configuration : 1151 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname lmrouter01 ! enable secret 5 $1$knzX$5LdGH1VJfPst5XZhlJXho. enable password ciscoenable ! ip subnet-zero no ip routing ! ! ! ! ! voice call carrier capacity active ! ! ! ! ! ! ! ! ! mta receive maximum-recipients 0 ! ! ! interface FastEthernet0/0 ip address 192.168.1.17 255.255.255.0 no ip route-cache speed auto full-duplex ! interface Serial0/0 no ip address encapsulation frame-relay IETF no ip route-cache no ip mroute-cache shutdown no fair-queue frame-relay lmi-type ansi ! interface Serial0/0.1 point-to-point description connected to Internet ip address 83.211.14.110 255.255.255.252 no ip route-cache frame-relay interface-dlci 20 IETF ! interface Serial0/1 no ip address no ip route-cache ! interface BRI1/0 no ip address no ip route-cache shutdown ! ip classless no ip http server ! ! ! call rsvp-sync ! ! mgcp profile default ! dial-peer cor custom ! ! ! ! line con 0 password ciscoconsole login line aux 0 line vty 0 4 password ciscoterminal login ! no scheduler allocate end
Se il router è un "voice:
conf t no call rsvp-sync
Attivare anche l'interfaccia Serial0:
lmrouter01#conf t Enter configuration commands, one per line. End with CNTL/Z. lmrouter01(config)#interface Serial 0/0 lmrouter01(config-if)#no shutdown lmrouter01(config-if)#^Z *Mar 1 01:10:04.087: %LINK-3-UPDOWN: Interface Serial0/0, changed state to down *Mar 1 01:10:04.543: %SYS-5-CONFIG_I: Configured from console by console
Verificare lo stato delle interfacce in maniera riassuntiva:
lmrouter01#show ip interface brief Interface IP-Address OK? Method Status Prol FastEthernet0/0 192.168.1.17 YES manual up up Serial0/0 unassigned YES manual down dow Serial0/0.1 83.211.14.110 YES manual down dow Serial0/1 unassigned YES manual down dow BRI1/0 unassigned YES unset administratively down dow BRI1/0:1 unassigned YES unset administratively down dow BRI1/0:2 unassigned YES unset administratively down dow
Colleghiamo ora con il cavo CAB-SS-V35MT il DCE o un altro router configurato con l'ip giusto ed un cavo femmina CAB-V35FC m.3; noteremo che l'interfaccia seriale va in up e si accende la lucinaCONN dietro la scheda:
*Mar 1 00:55:18.203: %LINK-3-UPDOWN: Interface Serial0/0, changed state to up *Mar 1 00:55:29.203: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up
Impostiamo la default route ed Attiviamo il routing:
lmrouter01#conf t Enter configuration commands, one per line. End with CNTL/Z. lmrouter01(config)#ip route 0.0.0.0 0.0.0.0 Serial0/0.1 lmrouter01(config)#ip routing lmrouter01(config)#^Z *Mar 1 01:28:12.115: %SYS-5-CONFIG_I: Configured from console by console
Pinghiamo il router in centrale:
lmrouter01#ping 83.211.14.109 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 83.211.14.109, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/4 ms
Configuriamo ora l'interfaccia ISDN:
! interface BRI1/0 description connected to Internet no ip address encapsulation ppp dialer pool-member 1 isdn switch-type basic-net3 isdn tei-negotiation first-call isdn point-to-point-setup no cdp enable ppp authentication pap chap callin ppp multilink !
Seleiona la scheda
interface BRI1/0
Descrizione
description connected to Internet
Nessun ip per la scheda:
no ip address
Usa Ppp
encapsulation ppp
Così
dialer pool-member 1
ISDN Europea
isdn switch-type basic-net3 isdn tei-negotiation first-call
Punto punto
isdn point-to-point-setup
???
no cdp enable
Autenticaione ppp anche per dialin vi isdn
ppp authentication pap chap callin
Aggrega i due canali
ppp multilink
Eccoli:
lmrouter01(config)#interface BRI1/0 lmrouter01(config-if)# description connected to Internet lmrouter01(config-if)# no ip address lmrouter01(config-if)# encapsulation ppp lmrouter01(config-if)# dialer pool-member 1 lmrouter01(config-if)# isdn switch-type basic-net3 lmrouter01(config-if)# isdn tei-negotiation first-call lmrouter01(config-if)# isdn point-to-point-setup lmrouter01(config-if)# no cdp enable lmrouter01(config-if)# ppp authentication pap chap callin lmrouter01(config-if)# ppp multilink lmrouter01(config-if)# *Mar 1 01:17:14.543: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI1/0:1,n *Mar 1 01:17:14.547: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI1/0:2,n
Configuriamo ora la connessione isdn:
Selezioniamo la connessione: interface Dialer1
Descrizione
description connected to Internet
PRende ip in dhcp
ip address negotiated
Eventiuale nat in uscita
ip nat outside
Protocollo PPP
encapsulation ppp
??
no ip split-horizon
Crea un pool 1
dialer pool 1
Nome descrittivo remoto
dialer remote-name Backup-EDT
Timeout connesione 1 secondo
dialer idle-timeout 1
Numero da fare
dialer string 7021010742
??
dialer load-threshold 1 either
Fa parte del watch group 1 (vedi dopo)
dialer watch-group 1
Gruppo 1
dialer-group 1
??
no cdp enable
Valido per dialin
ppp authentication chap pap callin
Nome da inviare per l'autenzicazione ppp:
ppp chap hostname ca0000@livecom.it
Passowrd del collegamento non cifrata:
ppp chap password 0 pippo
??
ppp pap sent-username xxxxxx@backup password 7 xxxxxxxxxx
Usa multilink
ppp multilink
Solo dopo 30 secondi on demand
ppp timeout multilink link add 30
Termina multilink dopo 30 sec on demand
ppp timeout multilink link remove 30
Eccoli:
interface Dialer1 description connected to Internet ip address negotiated ip nat outside encapsulation ppp no ip split-horizon dialer pool 1 dialer remote-name Backup-EDT dialer idle-timeout 1 dialer string 7021010742 dialer load-threshold 1 either dialer watch-group 1 dialer-group 1 no cdp enable ppp authentication chap pap callin ppp chap hostname ca0000@livecom.it ppp chap password 0 pippo ppp pap sent-username xxxxxx@backup password 7 xxxxxxxxxx ppp multilink ppp timeout multilink link add 30 ppp timeout multilink link remove 30