Cisco Systems SMC-127 manual Configuration Examples for Secure Domain Routers, SMC-162

Page 36

Configuring Secure Domain Routers on Cisco IOS XR Software

Configuration Examples for Secure Domain Routers

 

Command or Action

Purpose

Step 3

 

 

no aaa authentication login remote local

Disables remote login.

 

Example:

 

 

RP/0/RP0/CPU0:router(admin-config)# no aaa

 

 

authentication login remote local

 

Step 4

 

 

end

Saves configuration changes.

 

or

When you issue the end command, the system prompts

 

 

 

commit

you to commit changes:

 

 

Uncommitted changes found. Commit them?

 

Example:

Entering yes saves configuration changes to the

 

RP/0/RP0/CPU0:router (admin-config)# end

running configuration file, exits the configuration

 

or

session, and returns the router to EXEC mode.

 

 

 

RP/0/RP0/CPU0:router(admin-config)# commit

Entering no exits the configuration session and

 

 

 

 

returns the router to EXEC mode without

 

 

committing the configuration changes.

 

 

Entering cancel leaves the user in the same

 

 

command mode without committing the

 

 

configuration changes.

 

 

Use the commit command to save the configuration

 

 

changes to the running configuration file and remain

 

 

within the configuration session.

 

 

 

Configuration Examples for Secure Domain Routers

Creating a New SDR on a Cisco CRS-1 Router

RP/0/RP0/CPU0:router# admin

RP/0/RP0/CPU0:router(admin)# configure

RP/0/RP0/CPU0:router(admin-config)# pairing drp1

RP/0/RP0/CPU0:router(admin-config-pairing:drp1)# location 0/3/* 0/4/*

RP/0/RP0/CPU0:router(admin-config-pairing:drp1)#exit

RP/0/RP0/CPU0:router(admin-config)# sdr rname2

RP/0/RP0/CPU0:router(admin-config-sdr:rname2)# pair pair1 primary

RP/0/RP0/CPU0:router(admin-config-sdr:rname2)# location 0/0/*

RP/0/RP0/CPU0:router(admin-config-sdr:rname2)# end

Creating an SDR on a Cisco XR 12000 Series Router

RP/0/0/CPU0:router# admin

RP/0/0/CPU0:router(admin)# configure

RP/0/0/CPU0:router(admin-config)# sdr rname

RP/0/0/CPU0:router(admin-config-sdr:rname)# location 0/0/*

RP/0/0/CPU0:router(admin-config-sdr:rname)# location 0/1/*

RP/0/0/CPU0:router(admin-config-sdr:rname)# location 0/5/*

RP/0/0/CPU0:router(admin-config-sdr:rname)# end

Cisco IOS XR System Management Configuration Guide

SMC-162

Page 35 Page 37
Image 36
Page 35 Page 37
Contents Configuring Secure Domain Routers on Cisco IOS XR Software ContentsPrerequisites for Configuring Secure Domain Routers SMC-128Information About Configuring Secure Domain Routers What Is a Secure Domain Router?Owner SDR and Administration Configuration Mode SMC-129SDR Access Privileges Non-Owner SDRsRoot-System Users SMC-130Root-lr Users Other SDR UsersSMC-131 Designated Secure Domain Router System Controller Dsdrsc DSCs and DSDRSCs in a Cisco CRS-1 RouterSMC-132 DSC and DSDRSCs in a Cisco XR 12000 Series Router SMC-133SMC-134 Default Configuration for New Non-Owner SDRs Removing a Dsdrsc ConfigurationDefault Software Profile for SDRs SMC-135Fault Isolation Rebooting an SDRHigh Availability Implications Dsdrsc RedundancyCisco IOS XR Software Package Management SMC-137DSC Migration on Cisco CRS-1 Multishelf Systems SMC-138Caveats SMC-139How to Configure Secure Domain Routers ContentsCreating SDRs Summary Steps SMC-141Command or Action Purpose ExampleSMC-142 To assign a DRP pair as the Dsdrsc To assign a single DRP node as the DsdrscTo assign an RP pair as the Dsdrsc SMC-143To add a single node To add a DRP pairTo add an RP pair SMC-144Creating SDRs in a 12000 Series Router SMC-145DSDRSCs in a Cisco XR 12000 Series Router section on See the DSC and DSDRSCs in aCisco XR 12000 Series Router section on page SMC-133 SMC-146Refer to the Adding Nodes to a Non-Owner SDR section SMC-147Adding Nodes to a Non-Owner SDR Adding Nodes to an SDR in a Cisco CRS-1 RouterSMC-148 Creating SDRs in a Cisco CRS-1 Router SMC-149Adding Nodes to an SDR in a Cisco XR 12000 Series Router SMC-150Removing Nodes and SDRs A Cisco XR 12000 Series Router section onSMC-151 SMC-152 To remove a Dsdrsc To remove a single nodeTo remove a DRP pair To remove an RP pairSMC-154 Nodes to an SDR in a Cisco XR 12000 Series Router Section on page SMC-150SMC-155 Removing a Secure Domain Router SMC-156Configuring a Username and Password for a Non-Owner SDR SMC-157Group root-lr End or commit Exit SMC-158System Security Configuration Guide for more SMC-159SMC-160 Disabling Remote Login for SDRs See Disabling Remote Login for SDRs, page SMC-161forSMC-161 Configuration Examples for Secure Domain Routers Creating a New SDR on a Cisco CRS-1 RouterCreating an SDR on a Cisco XR 12000 Series Router SMC-162SMC-163 Additional References Related DocumentsStandards MIBsRFCs Technical AssistanceRFCs Title Description LinkSMC-166
Top Page Image Contents