Cisco Systems SMC-127 manual SMC-163

Page 37

Configuring Secure Domain Routers on Cisco IOS XR Software

Configuration Examples for Secure Domain Routers

Adding nodes to an SDR: Cisco CRS-1 Router

RP/0/RP0/CPU0:router# admin

RP/0/RP0/CPU0:router(admin)# configure

RP/0/RP0/CPU0:router(admin-config)# sdr rname2

RP/0/RP0/CPU0:router(admin-config-sdr:rname2)# location 0/0/*

RP/0/RP0/CPU0:router(admin-config-sdr:rname2)# end

Adding nodes to an SDR: Cisco XR 12000 Series Router

RP/0/0/CPU0:router# admin

RP/0/0/CPU0:router(admin)# configure

RP/0/0/CPU0:router(admin-config)# sdr rname2

RP/0/0/CPU0:router(admin-config-sdr:rname2)# location 0/5/*

RP/0/0/CPU0:router (admin-config-sdr:rname2)# end

Removing Nodes from a Secure Domain Router: Cisco CRS-1 Router

RP/0/RP0/CPU0:router# admin

RP/0/RP0/CPU0:router(admin)# configure

RP/0/RP0/CPU0:router(admin-config)# sdr rname2

RP/0/RP0/CPU0:router(admin-config-sdr:rname2)# no location 0/0/*

RP/0/RP0/CPU0:router (admin-config-sdr:rname2)# end

Removing a Secure Domain Router: Cisco CRS-1 Router

RP/0/RP0/CPU0:router# admin

RP/0/RP0/CPU0:router(admin)# configure

RP/0/RP0/CPU0:router(admin-config)# no sdr rname2

RP/0/RP0/CPU0:router (admin-config)# end

Configuring a Username and Password for a Non-Owner SDR

Connect to the DSC of the owner SDR.

RP/0/RP0/CPU0:router# admin

RP/0/RP0/CPU0:router(admin)# configure

RP/0/RP0/CPU0:router(admin-config)#aaa authentication login remote local

RP/0/RP0/CPU0:router (admin-config)# end

To continue, connect a terminal to the console port of the non-owner SDR DSDRSC.

Username:xxxx@admin

Password:xxxx

RP/0/RP0/CPU0:router# configure

RP/0/RP0/CPU0:router(config)# username user1

RP/0/RP0/CPU0:router(config-un)# secret 5 XXXX

RP/0/RP0/CPU0:router(config-un)# group root-lr

RP/0/RP0/CPU0:router (config)# end

RP/0/RP0/CPU0:router# exit

Press RETURN to get started.

Username:user1

Password:xxxxx

Disabling Remote Login for SDRs

RP/0/RP0/CPU0:router# admin

RP/0/RP0/CPU0:router(admin)# configure

RP/0/RP0/CPU0:router(admin-config)#no aaa authentication login remote local

RP/0/RP0/CPU0:router (admin-config)# end

Cisco IOS XR System Management Configuration Guide

SMC-163

Page 36 Page 38
Image 37
Page 36 Page 38
Contents Contents Configuring Secure Domain Routers on Cisco IOS XR SoftwareSMC-128 Prerequisites for Configuring Secure Domain RoutersWhat Is a Secure Domain Router? Information About Configuring Secure Domain RoutersOwner SDR and Administration Configuration Mode SMC-129Non-Owner SDRs SDR Access PrivilegesRoot-System Users SMC-130Other SDR Users Root-lr UsersSMC-131 DSCs and DSDRSCs in a Cisco CRS-1 Router Designated Secure Domain Router System Controller DsdrscSMC-132 SMC-133 DSC and DSDRSCs in a Cisco XR 12000 Series RouterSMC-134 Removing a Dsdrsc Configuration Default Configuration for New Non-Owner SDRsDefault Software Profile for SDRs SMC-135Rebooting an SDR Fault IsolationHigh Availability Implications Dsdrsc RedundancySMC-137 Cisco IOS XR Software Package ManagementSMC-138 DSC Migration on Cisco CRS-1 Multishelf SystemsSMC-139 CaveatsContents How to Configure Secure Domain RoutersCreating SDRs SMC-141 Summary StepsExample Command or Action PurposeSMC-142 To assign a single DRP node as the Dsdrsc To assign a DRP pair as the DsdrscTo assign an RP pair as the Dsdrsc SMC-143To add a DRP pair To add a single nodeTo add an RP pair SMC-144SMC-145 Creating SDRs in a 12000 Series RouterSee the DSC and DSDRSCs in a DSDRSCs in a Cisco XR 12000 Series Router section onCisco XR 12000 Series Router section on page SMC-133 SMC-146SMC-147 Refer to the Adding Nodes to a Non-Owner SDR sectionAdding Nodes to an SDR in a Cisco CRS-1 Router Adding Nodes to a Non-Owner SDRSMC-148 SMC-149 Creating SDRs in a Cisco CRS-1 RouterSMC-150 Adding Nodes to an SDR in a Cisco XR 12000 Series RouterA Cisco XR 12000 Series Router section on Removing Nodes and SDRsSMC-151 SMC-152 To remove a single node To remove a DsdrscTo remove a DRP pair To remove an RP pairSMC-154 Section on page SMC-150 Nodes to an SDR in a Cisco XR 12000 Series RouterSMC-155 SMC-156 Removing a Secure Domain RouterSMC-157 Configuring a Username and Password for a Non-Owner SDRSMC-158 Group root-lr End or commit ExitSMC-159 System Security Configuration Guide for moreSMC-160 See Disabling Remote Login for SDRs, page SMC-161for Disabling Remote Login for SDRsSMC-161 Creating a New SDR on a Cisco CRS-1 Router Configuration Examples for Secure Domain RoutersCreating an SDR on a Cisco XR 12000 Series Router SMC-162SMC-163 Related Documents Additional ReferencesStandards MIBsTechnical Assistance RFCsRFCs Title Description LinkSMC-166
Top Page Image Contents